> On 26 Aug 2019, at 18:17, Daniel Clery <[email protected]> wrote:
>
> Tangentially related - I've seen docs recommending having your portable
> keychain have a subkey for signing, and that keychain to lack the master
> secret key entirely (and putting that one in an undisclosed secure
> location), with a different passphrase, etc. What are gnupg-users' thoughts on
> that sort of setup?
It’s a nice idea in principle, but it’s a technical violation (sorry, nonstandard extension) of the standard to allow bare private subkeys, so many mobile clients (e.g. ipgmail) don’t support it. I used to do this on my laptops with gnupg (which does support it) but have since migrated to smartcards. With the advent of NFC and lightning hardware tokens, it will make more sense to use them for all devices, removing the need for nonstandard extensions entirely. There is a non-negligible cost for the hardware, but it is *much* more convenient and secure to plug a card or dongle into a new device than it is to transfer subkey bundles (which are still sensitive data, even without the primary key).

A

_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
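The setup Daniel asks about, and the point in the reply that it relies on GnuPG's support for bare private subkeys and that the exported bundle remains sensitive, can be reproduced and checked with GnuPG itself. The script below is an added example, not code from either poster: it builds a "vault" keyring holding the primary key, exports only the secret subkeys into a separate "portable" keyring, and then reads the keyring records to confirm which one carries a real primary secret key and which one carries only a stub. It assumes GnuPG 2.1 or later (for `--quick-gen-key`, `--quick-add-key` and stub handling), uses a constructed demo user id, and leaves the keys unprotected only so that it runs unattended.

```shell
#!/bin/sh
# Added demo (not from the thread): a GnuPG "portable keychain" that carries
# only private subkeys, a separate "vault" keyring holding the primary key,
# and a check that tells the two apart from the keyring records.
# Assumes GnuPG 2.1+; directory names and the demo user id are constructed.
set -eu

# Run gpg against an isolated home directory, non-interactively and without
# a passphrase so the demo runs unattended (real keys should be protected).
g() {
    home=$1; shift
    gpg --homedir "$home" --batch --yes --quiet \
        --pinentry-mode loopback --passphrase '' "$@"
}

# Primary key fingerprint: the first "fpr" record in the secret key listing.
primary_fpr() {
    g "$1" --with-colons -K | awk -F: '$1 == "fpr" { print $10; exit }'
}

# Vault: primary (certify+sign) key, the default encryption subkey, plus a
# dedicated signing subkey that the portable keychain will carry.
build_vault() {
    mkdir -p -m 700 "$1"
    g "$1" --quick-gen-key 'Demo User <demo@example.invalid>' default default never
    g "$1" --quick-add-key "$(primary_fpr "$1")" default sign never
}

# Portable keychain: only the secret subkeys are exported. GnuPG writes a
# stub for the primary key so the keyring still parses, but the primary
# secret material never leaves the vault. The bundle is still sensitive:
# it contains every subkey's private half.
build_portable() {
    vault=$1; portable=$2
    mkdir -p -m 700 "$portable"
    fpr=$(primary_fpr "$vault")
    g "$vault" --export-secret-subkeys "$fpr" > "$portable/subkeys.gpg"
    g "$portable" --import "$portable/subkeys.gpg"
}

# Check: in --with-colons output, field 15 of the "sec" record is "#" when
# the primary secret key is only a stub. Exit status 0 means "stub".
primary_is_stub() {
    [ "$(g "$1" --with-colons -K | awk -F: '$1 == "sec" { print $15; exit }')" = "#" ]
}

# Count usable secret subkeys ("ssb" records that are not stubs themselves).
secret_subkey_count() {
    g "$1" --with-colons -K | awk -F: '$1 == "ssb" && $15 != "#" { n++ } END { print n + 0 }'
}

# Stop the per-homedir agents so the temporary directories can be removed.
cleanup_agents() {
    for h in "$@"; do gpgconf --homedir "$h" --kill gpg-agent 2>/dev/null || true; done
}

# Stand-alone run ("sh script.sh demo"): build both keyrings and report.
if [ "${1:-}" = "demo" ]; then
    root=$(mktemp -d)
    build_vault "$root/vault"
    build_portable "$root/vault" "$root/portable"
    printf 'vault primary is stub: %s\n' "$(primary_is_stub "$root/vault" && echo yes || echo no)"
    printf 'portable primary is stub: %s\n' "$(primary_is_stub "$root/portable" && echo yes || echo no)"
    printf 'portable secret subkeys: %s\n' "$(secret_subkey_count "$root/portable")"
    cleanup_agents "$root/vault" "$root/portable"
    rm -rf "$root"
fi
```

The `sec` record's field 15 is the same marker that `gpg -K` renders as `sec#` in its human-readable listing; checking it on a device is the quickest way to confirm that a keyring really lacks the primary secret key before you rely on it as a portable keychain. Clients that do not implement the bare-subkey extension will refuse or mishandle the stubbed primary, which is the compatibility problem the reply describes.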
