Separate OpenPGP cards for master key and sub-keys

Branko Majic branko at majic.rs
Mon Jun 3 14:41:46 CEST 2013


Hello all,

I'm looking into setting myself up with some OpenPGP cards, and I'm
looking into some opinions on using separate OpenPGP card for the
master key and sub-keys vs using a single OpenPGP card.

The idea behind this would be that my master OpenPGP card would be kept
in a safe area (hidden cavern, back home under pillow/mattress and
similar :), while I'd carry my sub-keys OpenPGP card with me at all
times and use it for every-day operations.

In particular, I'm curious to find out if there is any technical
limitation that I should be aware of if I go with this kind of schema?
Mainly in terms of how GnuPG handles the OpenPGP cards?

Does anyone utilise this kind of schema? Or do people go with soft
token for master key instead?

Best regards

P.S.
If somebody knows of a good previous thread about this topic, please do
feel free to point me to it with a link. "Best-practices" links in
terms of key management with OpenPGP smart-cards are welcome as
well, especially in terms of back-up :)

-- 
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.

Бранко Мајић
Џабер: branko at majic.rs
Молим вас да додатке шаљете искључиво у слободним форматима.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: </pipermail/attachments/20130603/7db7d8ea/attachment.sig>


More information about the Gnupg-users mailing list