Hi all, so here's a question that I'm sure people here have already been thinking about... Like probably many others here I have a gpg smartcard with three subkeys Sign, Encrypt, Authenticate, and an offline Certify master key at a safe place.
* If I want to let my Signature subkey expire and generate a new one, that's not a big problem for me, since the public key is still available to everyone on the keyservers for verifying sigs. * If I want to let my Auth subkey expire and generate a new one, well I just need to add the new one to all authorized_keys files in time. But how do I sensibly handle a graceful sunset of an encryption key? If I replace the subkey on my card, I immediately can't read old e-mails anymore. If I had the key in a file, I could keep the old, expired subkey around and still decrypt the data, but that would kinda defy the security provided by the card... My best idea so far is to generate a second token (Nitrokey, Yubikey or similar) *only* for old encryption subkeys, and additionally plug that in if I need to read an old message. Does anyone already have experience with such a setup? Best, Andreas -- Andreas K. Hüttel [email protected] Gentoo Linux developer (council, qa, toolchain, base-system, perl, libreoffice)
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
