Or is it money? Something else?
Money and usability are certain factors here. Most of these tokens are
in the realm of $50 apiece; the GPG smart card, while closer to $20, is
still another $30 in shipping, so it would be costly unless I purchased
all ten upfront. Not to mention the user experience suffers; if I search
my email archive for some old record, I have to look through ten
different cards to find the correct one.

If this single OpenPGP smartcard which holds all of your keys of the last
decade breaks, what then? Then you have lost access to all encrypted documents
of the last decade. If you used separate OpenPGP smartcards instead, you'd
lose access to only one key rotation interval's worth of old encrypted
documents.

Regards,
Ingo

Having retirement key slots makes it easier, not harder, to have
redundancy to protect against this. In my particular case, I would use
two smart cards at the initial state as safe backups. If one was very
concerned, you could use three. The probability that one card out of ten
will have a failure in a decade is far higher than the chance that all
two or three cards will have a failure. Allowing retirement key slots
means you can easily choose your level of redundancy while still keeping
your keys on secure hardware only.
Sincerely,
Brandon Anderson

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users