Hi, On Sun, May 09, 2021 at 10:00:25AM +0000, mailinglisten--- via Gnupg-users wrote:
I wasn´t aware the TPM has that much space, does the TPM hold really a complete key? Does it make sense to use ECC keys to save space on the TPM?
Keys are actually not stored *in* the TPM. When you use the `keytotpm` command, the key is encrypted in such a way that it can only be decrypted and used by the TPM, but the key is still stored, in this encrypted form, as a file under the $GNUPGHOME/private-keys-v1.d directory.
So there's no need to switch to ECC keys just to “save space on the TPM”. You can protect as many RSA keys as you want with the TPM without being constrained by space.
- Damien
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
