On Tue 2018-04-17 00:39:41 +0900, Norbert Preining wrote:
>> problematic.  How do you handle it during this transition?
>
> I have my expired key available on my computer, and the active subkey
> only on the Yubikey I use. That means I can still decrypt old
> messages etc, but for signing and decrypting messages to the current key
> I need to have the Yubikey available.

what do you see as the advantage of a hardware token for message
decryption given that the key will be transferred to main memory after
it expires?  is it the marginal temporal advantage of key
inaccessibility for a software-based attacker, or something else?

   --dkg

Reply via email to