|
|
|
|
|
|
by acdha
2865 days ago
|
|
|
That's true assuming that the browser doesn't offer any way to manage that using e.g. Chrome/Firefox Sync. What PGP really needs is a modern security model so you'd have many device keys registered to an identity rather than requiring the risk of spreading copies around. I think I have IIRC 8 GPG subkeys currently (6 of them being Yubikeys) and every aspect of that toolchain is unacceptable in the modern era. |
|
|
What do you mean by "device keys"? Something like forward secrecy keys for initial session setup as used by e.g. Signal? This could be done with some effort... actually Rust OpenPGP library Sequoia developers already work on making this use case easier.
Another set of patches circulating on the ML adds support for TPM bound keys, that are non extractable.