On Sun 2018-04-15 15:49:09 +0200, Thomas Goirand wrote:
> The keys support storing 3 4096 bits subkeys, for auth, encryption and
> signing. You're not supposed to store your master key in the Yubikey,
> instead you'd just save the master key far away in a safe place. The
> only issue is that then, you can't exchange key signature only using the
> Yubikey, but I guess that's fine.
>
> At Infomaniak, we have a master key without expiration, and the 3
> subkeys expire within 365 days, and are renewed every year.

how does this work during the transition phase of encryption subkey rotation, when you've published your new encryption-capable key (so some peers have it) but your old encryption-capable key is not yet expired?

During this stage of a subkey transition, i usually have some new messages arriving that are encrypted to the old subkey, and others that are encrypted to the new subkey. If i had put my decryption-capable subkey on a smartcard with exactly one slot for a decryption key, i wouldn't be able to decrypt some messages, so the usability seems problematic.

How do you handle it during this transition?

(note that this assumes that i'm running a MUA like the latest version of notmuch, which is capable of stashing session keys; otherwise, it's even worse: decrypting old e-mails from your archive is entirely impossible once you've rotated your decryption-capable secret key)

--dkg
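
Added example, not part of the original thread: a small Python check that reads `gpg --with-colons --list-keys` output and reports the period in which two encryption-capable subkeys are valid at once, which is the window the question above is about. The key IDs and timestamps in SAMPLE are constructed, and the parser assumes epoch-second date fields as current GnuPG emits them.

```python
from datetime import datetime, timezone

# Constructed sample in `gpg --with-colons --list-keys` format (not real keys).
SAMPLE = """\
pub:u:4096:1:AAAAAAAAAAAAAAAA:1490000000:::u:::scESC:
sub:u:4096:1:BBBBBBBBBBBBBBBB:1490000000:1525000000:::::e:
sub:u:4096:1:CCCCCCCCCCCCCCCC:1523000000:1554536000:::::e:
sub:u:4096:1:DDDDDDDDDDDDDDDD:1523000000:1554536000:::::s:
sub:u:4096:1:EEEEEEEEEEEEEEEE:1523000000:1554536000:::::a:
"""

def encryption_subkeys(colon_text):
    """Return (keyid, created, expires) for each subkey with the 'e' capability."""
    keys = []
    for line in colon_text.splitlines():
        f = line.split(":")
        # Field 12 (index 11) holds the capabilities of a "sub" record.
        if len(f) < 12 or f[0] != "sub" or "e" not in f[11]:
            continue
        if f[1] in ("r", "d", "i"):  # skip revoked, disabled, invalid; keep expired
            continue
        expires = int(f[6]) if f[6] else None  # empty field means no expiration
        keys.append((f[4], int(f[5]), expires))
    return sorted(keys, key=lambda k: k[1])

def overlap_windows(keys):
    """Return (old_id, new_id, start, end) for each pair valid at the same time."""
    windows = []
    for i, (old_id, _old_created, old_exp) in enumerate(keys):
        for new_id, new_created, new_exp in keys[i + 1:]:
            ends = [e for e in (old_exp, new_exp) if e is not None]
            end = min(ends) if ends else None  # None: neither subkey expires
            if end is None or new_created < end:
                windows.append((old_id, new_id, new_created, end))
    return windows

def iso(ts):
    """Render an epoch timestamp as a UTC date, or 'never' for no expiration."""
    return "never" if ts is None else datetime.fromtimestamp(ts, timezone.utc).date().isoformat()

if __name__ == "__main__":
    for old_id, new_id, start, end in overlap_windows(encryption_subkeys(SAMPLE)):
        print(f"{iso(start)} .. {iso(end)}: mail may be encrypted to {old_id} or {new_id}; "
              "a card with one decryption slot holds only one of them")
```

To run it against a real keyring, pass the text produced by `gpg --with-colons --list-keys` for the key in question instead of SAMPLE.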