by trishankdatadog 2416 days ago
We're aware of hardware vulns like ROCA (we used to check the exact version of the YK, now we support only the major version 5).

We're taking the risk anyway because the benefits of having the private keys generated and stored entirely on the YK are entirely worth it.

We're also not primarily using the YK to encrypt messages. If continuing to decrypt shared messages in the future is critical, I'd personally look into HSMs which offer key-wrapped backup.

1 comments

Do you know an HSM that uses key wrapping and is OpenPGP compatible? I've seen only X.509 compatible ones.