Hi Moritz,
Moritz Bartl <[email protected]> writes: > Both the Yubikey4/Neo (Javacard applets) and the OpenPGP Smartcard by > Zeitcontrol support up to 4096bit RSA keys. The Yubikey Neo support 2048 Bits and that is a key size that I am not comfortable with. It may be ok for now, but my email from now might not be safe in a couple of years. I don't want to risk that. I have recently seen a key with 16K and I thought that might be overkill, but then again, better be safe than sorry. > Where do you keep your subkeys if you rotate, say, every 6 months? I find it an unnecessary hassle to rotate that often. Also, I decided against using subkeys and so I rotate the whole key. I set the key to expire one year after creation and then I decide if it's still safe once a year. If it is, I extend the deadline by another year. Happy hacking! Florian _______________________________________________ Discussion mailing list [email protected] https://mail.fsfeurope.org/mailman/listinfo/discussion
