On Tue, 22 Jun 2021 21:53, Brandon Anderson said: > concerned, you could use three. The probability that one card out of > ten will have a failure in a decade is far higher than the chance that
You should also be concerned that malware bricks your (backup) card. You can only avoid that by using an always air-gaped box which is pretty inconvenient. Paper copies are actually much more reliable. I meanwhile scribble down the key using a pencil and paper. Modern keys are short enough to do that. (you should also note the creation date). > all two or three cards will have a failure. Allowing retirement key > slots means you can easily choose your level of redundancy while still > keeping your keys on secure hardware only. Back to your original request. A new revision of the OpenPGP card is in the works and the plan is to add more key slots. Surely there will be some support for this in GnuPG. If you want support for the extra PIV slots, we first need to find a business case for this (its not just the development effort but also the future maintanence work which I have to consider). Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users