On Tue, 22 Jun 2021 21:53, Brandon Anderson said:

> concerned, you could use three. The probability that one card out of
> ten will have a failure in a decade is far higher than the chance that

You should also be concerned that malware bricks your (backup) card.
You can only avoid that by using an always air-gaped box which is pretty
inconvenient.

Paper copies are actually much more reliable.  I meanwhile scribble down
the key using a pencil and paper.  Modern keys are short enough to do
that.  (you should also note the creation date).

> all two or three cards will have a failure. Allowing retirement key
> slots means you can easily choose your level of redundancy while still
> keeping your keys on secure hardware only.

Back to your original request.  A new revision of the OpenPGP card is in
the works and the plan is to add more key slots.  Surely there will be
some support for this in GnuPG.  If you want support for the extra PIV
slots, we first need to find a business case for this (its not just the
development effort but also the future maintanence work which I have to
consider).


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to