Sunset of a smartcard encryption key

Andreas K. Huettel dilfridge at gentoo.org
Sat Mar 7 18:03:40 CET 2020


Hi all, 

so here's a question that I'm sure people here have already been thinking 
about... Like probably many others here, I have a gpg smartcard with three 
subkeys Sign, Encrypt, Authenticate, and an offline Certify master key in a safe 
place. 

* If I want to let my Signature subkey expire and generate a new one, that's 
not a big problem for me, since the public key is still available to everyone 
on the keyservers for verifying sigs.
* If I want to let my Auth subkey expire and generate a new one, well I just 
need to add the new one to all authorized_keys files in time.

But how do I sensibly handle a graceful sunset of an encryption key? If I 
replace the subkey on my card, I immediately can't read old e-mails anymore.

If I had the key in a file, I could keep the old, expired subkey around and 
still decrypt the data, but that would kinda defy the security provided by the 
card...

My best idea so far is to generate a second token (Nitrokey, Yubikey or 
similar) *only* for old encryption subkeys, and additionally plug that in if I 
need to read an old message. Does anyone already have experience with such a 
setup?

Best, 
Andreas

-- 
Andreas K. Hüttel
dilfridge at gentoo.org
Gentoo Linux developer 
(council, qa, toolchain, base-system, perl, libreoffice)