Yubikey 4 becoming non-free

• Previous message (by thread): Yubikey 4 becoming non-free
• Next message (by thread): Yubikey 4 becoming non-free
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Moritz,


Moritz Bartl <moritz at headstrong.de> writes:
> Both the Yubikey4/Neo (Javacard applets) and the OpenPGP Smartcard by
> Zeitcontrol support up to 4096bit RSA keys.

The Yubikey Neo support 2048 Bits and that is a key size that I am not
comfortable with.  It may be ok for now, but my email from now might not
be safe in a couple of years.  I don't want to risk that.  I have
recently seen a key with 16K and I thought that might be overkill, but
then again, better be safe than sorry.


> Where do you keep your subkeys if you rotate, say, every 6 months?

I find it an unnecessary hassle to rotate that often.  Also, I decided
against using subkeys and so I rotate the whole key.  I set the key to
expire one year after creation and then I decide if it's still safe once
a year.  If it is, I extend the deadline by another year.

Happy hacking!
Florian

• Previous message (by thread): Yubikey 4 becoming non-free
• Next message (by thread): Yubikey 4 becoming non-free
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]