Re: Sunset of a smartcard encryption key
> On 7 Mar 2020, at 23:13, Stefan Claas via Gnupg-users > wrote: > > What I would like to know how people handle the case when a SmardCard gets > lost, > broken or maybe confiscicated at an Airport etc.? I generate my keys in a copy of Tails and then copy to smartcard without saving changes on disk; that way I have a backup of all key material. I’ve never lost a smartcard but last year I had to factory reset one and restore from the backup when it went a little haywire. Andrew Gallagher ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Sunset of a smartcard encryption key
Andreas K. Huettel via Gnupg-users wrote: > Hi all, > > so here's a question that I'm sure people here have already been thinking > about... Like probably many others here I have a gpg smartcard with three > subkeys Sign, Encrypt, Authenticate, and an offline Certify master key at a > safe place. > > * If I want to let my Signature subkey expire and generate a new one, that's > not a big problem for me, since the public key is still available to everyone > on the keyservers for verifying sigs. > * If I want to let my Auth subkey expire and generate a new one, well I just > need to add the new one to all authorized_keys files in time. > > But how do I sensibly handle a graceful sunset of an encryption key? If I > replace the subkey on my card, I immediately can't read old e-mails anymore. > > If I had the key in a file, I could keep the old, expired subkey around and > still decrypt the data, but that would kinda defy the security provided by > the card... > > My best idea so far is to generate a second token (Nitrokey, Yubikey or > similar) *only* for old encryption subkeys, and additionally plug that in if > I need to read an old message. Does anyone already have experience with such > a setup? What I would like to know how people handle the case when a SmardCard gets lost, broken or maybe confiscicated at an Airport etc.? Why not using an encrypted harddisk (VeraCrypt etc.), for important documents, files, which could be mounted on a dedicated offline computer (or maybe used with an online computer) and when not used put in a safe place? Regards Stefan -- Signal (Desktop) +4915172173279 https://keybase.io/stefan_claas ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Sunset of a smartcard encryption key
Hi all, so here's a question that I'm sure people here have already been thinking about... Like probably many others here I have a gpg smartcard with three subkeys Sign, Encrypt, Authenticate, and an offline Certify master key at a safe place. * If I want to let my Signature subkey expire and generate a new one, that's not a big problem for me, since the public key is still available to everyone on the keyservers for verifying sigs. * If I want to let my Auth subkey expire and generate a new one, well I just need to add the new one to all authorized_keys files in time. But how do I sensibly handle a graceful sunset of an encryption key? If I replace the subkey on my card, I immediately can't read old e-mails anymore. If I had the key in a file, I could keep the old, expired subkey around and still decrypt the data, but that would kinda defy the security provided by the card... My best idea so far is to generate a second token (Nitrokey, Yubikey or similar) *only* for old encryption subkeys, and additionally plug that in if I need to read an old message. Does anyone already have experience with such a setup? Best, Andreas -- Andreas K. Hüttel dilfri...@gentoo.org Gentoo Linux developer (council, qa, toolchain, base-system, perl, libreoffice) signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users