Long Term Key Management With Hardware Tokens
Brandon Anderson
brandon753.ba at gmail.com
Wed Jun 23 06:53:13 CEST 2021
>
> Or is it money? Something else?
Money and usability are certain factors here. Most of these tokens are
in the realm of $50 apiece; the GPG smart card, while closer to $20, is
still another $30 in shipping, so it would be costly unless I purchased
all ten upfront. Not to mention the user experience suffers; if I search
my email archive for some old record, I have to look through ten
different cards to find the correct one.
> If this single OpenPGP smartcard which holds all of your keys of the last
> decade breaks, what then? Then you have lost access to all encrypted documents
> of the last decade. If you'd use separate OpenPGP smartcards instead, then
> you'd lose access to only one key rotation interval worth of old encrypted
> documents.
>
> Regards,
> Ingo
Having retirement key slots makes it easier, not harder, to have
redundancy to protect against this. In my particular case, I would use
two smart cards at the initial state as safe backups. If one was very
concerned, you could use three. The probability that one card out of ten
will have a failure in a decade is far higher than the chance that all
two or three cards will have a failure. Allowing retirement key slots
means you can easily choose your level of redundancy while still keeping
your keys on secure hardware only.
Sincerely,
Brandon Anderson