On 26.08.2019 19:37, Andrew Gallagher wrote:
>> Tangentially related - I've seen docs recommending having your portable
>> keychain have a subkey for signing, and that keychain to lack the master secret
>> key entirely ( and putting that one in an undisclosed secure location), with a
>> different passphrase, etc. What are gnupg-users thoughts on that sort of setup?
> With the advent of NFC and lightning hardware tokens, it will make more sense
> to use them for all devices, removing the need for nonstandard extensions
> entirely. There is a non-negligible cost for the hardware, but it is *much*
> more convenient and secure to plug a card or dongle into a new device than it
> is to transfer subkey bundles (which are still sensitive data, even without the
> primary key).
I agree. I'm using this kind of setup (offline master key and hardware
tokens for subkeys) and it works very well. If one sets the URL field on the
token, then just plugging in the token while OpenKeychain is open is enough
to get the key ready to use.
Having multiple subkeys for multiple devices can be problematic in
practice (e.g. GnuPG does not encrypt to all encryption subkeys, Autocrypt
clients only export one signing subkey, etc.).
W.r.t. NFC there is this minor detail:
https://lists.gnupg.org/pipermail/gnupg-users/2018-December/061375.html
But from the UX point of view it's very convenient.
Kind regards,
Wiktor
_______________________________________________
Gnupg-users mailing list
http://lists.gnupg.org/mailman/listinfo/gnupg-users
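The "subkey bundle" Andrew mentions stays sensitive, and the thing worth checking before one is copied to a portable keychain is that the primary key's secret part really is a stub rather than the full key exported by mistake. The following is an added example (my code, not from the thread or from GnuPG): it walks the secret-key packets of an exported key and reports how each secret part is stored, following my reading of RFC 4880 section 5.5.3 and the GNU S2K extension described in GnuPG's doc/DETAILS (S2K type 101, "GNU" marker, mode 1001 = secret part absent, 1002 = diverted to a card); the sample packets are constructed from toy values, not a real key.

```python
import struct
_MPI_COUNT = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}  # public MPIs for RSA / Elgamal / DSA
_ECC = {18, 19, 22}                             # ECDH / ECDSA / EdDSA: curve OID + 1 MPI

def _packets(blob):  # old-format packet headers only, which GnuPG writes for key packets
    i = 0
    while i < len(blob):
        ctb = blob[i]
        assert not ctb & 0x40, "new-format packet header not handled"
        hdr = 1 + (1, 2, 4)[ctb & 3]            # length type 3 (indeterminate) unsupported
        n = int.from_bytes(blob[i + 1:i + hdr], "big")
        yield (ctb >> 2) & 0x0F, blob[i + hdr:i + hdr + n]
        i += hdr + n

def _secret_offset(body):  # index of the S2K usage octet, just past the v4 public fields
    algo, i = body[5], 6
    if algo in _ECC:
        i += 1 + body[i]                        # curve OID with 1-byte length
    for _ in range(1 if algo in _ECC else _MPI_COUNT[algo]):
        i += 2 + (struct.unpack(">H", body[i:i + 2])[0] + 7) // 8
    return i + (1 + body[i] if algo == 18 else 0)   # ECDH: KDF parameters follow

def _protection(body):
    """How the secret part of one secret-key packet is stored."""
    i = _secret_offset(body)
    # GNU S2K extension: usage 254/255, cipher, S2K type 101, hash, "GNU", mode-1000
    if body[i] in (254, 255) and body[i + 2] == 101 and body[i + 4:i + 7] == b"GNU":
        mode = 1000 + body[i + 7]
        if mode == 1002:                        # 1-byte length + card serial follow
            return "card:" + body[i + 9:i + 9 + body[i + 8]].hex()
        return "gnu-dummy" if mode == 1001 else "gnu-mode-%d" % mode
    return "plaintext" if body[i] == 0 else "encrypted"

def classify(blob):
    return [("primary" if t == 5 else "subkey", _protection(b))
            for t, b in _packets(blob) if t in (5, 7)]  # 5 = secret key, 7 = secret subkey

def primary_is_stub(blob):
    """True if a primary key packet exists and none of them keeps secret material on disk."""
    prim = [p for k, p in classify(blob) if k == "primary"]
    return bool(prim) and all(p == "gnu-dummy" or p.startswith("card:") for p in prim)

# Constructed sample packets (toy RSA numbers, not a real key).
mk_packet = lambda tag, body: bytes([0x80 | (tag << 2), len(body)]) + body  # old-format header
mk_mpi = lambda v: struct.pack(">H", v.bit_length()) + v.to_bytes((v.bit_length() + 7) // 8, "big")
PUB = b"\x04" + struct.pack(">I", 1566840000) + b"\x01" + mk_mpi(0xC0FFEE) + mk_mpi(0x10001)
DUMMY = b"\xff\x00\x65\x00GNU\x01"                    # secret part kept offline (mode 1001)
CARD = b"\xff\x00\x65\x00GNU\x02\x04\xde\xad\xbe\xef"  # diverted to a card with serial deadbeef
CLEAR = b"\x00" + mk_mpi(0x2A)                        # usage 0: secret MPI(s) stored in the clear
SAFE_BUNDLE = mk_packet(5, PUB + DUMMY) + mk_packet(7, PUB + CARD)  # --export-secret-subkeys shape
LEAKY_BUNDLE = mk_packet(5, PUB + CLEAR) + mk_packet(7, PUB + CARD)  # primary secret went along too
```

Run `classify()` on the output of `gpg --export-secret-subkeys` (a binary, not ASCII-armored, file) and refuse to copy it if `primary_is_stub()` is false.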