by vlovich123 1954 days ago
> On the flip side, if someone steals your backup key, it becomes harder to deal with the situation; with distinct keys, you can just revoke access to the stolen key. But with cloned keys, revoking access to the stolen key will also revoke the key you use daily.

Get a new key, revoke old key, switch to new one?

1 comments

Right, but the "get new key" bit means that your accounts are in a vulnerable state while you're getting the new key.

If you have two independent keys, and you learn that your backup key is compromised, you immediately revoke it with all services, and order a new one. When the new one arrives, it becomes your new backup, and you enroll that in everything. Your vulnerability to an attacker ends immediately after you find that your backup key has been stolen and you revoke it.

If you have two identical keys, and you learn your backup key is compromised, you order a new one (or pair, rather), but you can't revoke the old key until the new one arrives, when you can (simultaneously) revoke the old and enroll the new.

Of course, the problem here is that the attacker can also revoke your backup key, and since they're the attacker, they can probably do it faster than you.

Preferably I'd have a certificate chain scheme where I have a private revocation key sitting in a safe somewhere whose public key I specify everywhere, so I don't even need to take it out of the safe to sign up somewhere.