pub   ed25519/31DA8032081D901D 2023-11-12 [C] [expires: 2024-11-11]
      Key fingerprint = EA0B 7399 ECCF 9282 A74E  F8F8 31DA 8032 081D 901D
uid                 [ultimate] Lars Wirzenius
uid                 [ultimate] Lars Wirzenius <liw@liw.fi>
sub   ed25519/6766716690EC0D85 2023-11-12 [S]
sub   cv25519/2BC6E410BAD2972F 2023-11-12 [E]

I've created a new OpenPGP key, to replace my old one. The new key uses elliptic curve 25519, where the old key uses RSA and is 4096 bits. This means new key is smaller, which is convenient for me.

I also get to start from a clean slate: I've made a bit of a mess with the way my old key and its subkeys are stored. I have subkeys that now only exist on a single Yubikey, which means when (not if) that stops working, there are files I can't decrypt anymore. (I'll have to make sure to decrypt, and maybe re-encrypt, all such data, as long as I have access to the key.)

I use an OpenPGP key for encryption and signing:

• the password-store ("pass") password manager
• packages uploaded to my personal APT repository
• git tags and commits
• emails (mostly signing, sometimes encryption)
• probably more

It would be possible for me to replace all of this with other methods, but I don't want to. I know a lot of people don't want to use OpenPGP. This is about me.

My threat model for OpenPGP, these days, is that I lose the device where the key is stored. I mitigate this by only ever storing key material on encrypted media, which is reasonably easy, as I routinely encrypt all my storage anyway. My threat model no longer includes people using violence to get access to my key, or protecting my secrets and privacy against well funded attackers without scruples, or otherwise targeting me and being willing and able to take extraordinary measures.

(That's my threat model. Yours is probably different. I'm not giving you advice on defending yourself here.)

Here's what I'm doing now:

• A primary key for certification only.
  • only used to certify other people's keys and my own subkeys
  • elliptic curve 25519
  • a software key, so I can back it up
  • stored on more than one encrypted USB drives, but not on my laptop
  • it's OK that it's a little cumbersome to use this key, as I do it rarely
  • expires in 12 months, but I will extend this before it does; I've set up some automation to remind me to do that using an innovative application of artif... a calendar
• An encryption subkey.
  • used for encrypting and decrypting data so nobody else can read it
  • elliptic curve 25519
• A signing subkey.
  • used to sign data so others know it's from me
  • elliptic curve 25519
• No authentication subkey.
  • I don't want to use my OpenPGP key for SSH.

I've uploaded the new key to https://keys.openpgp.org/ and http://the.earth.li/. I've certified the new key with my old one, and vice versa. The new key is also available via WKD.

Overall, this allows me to use OpenPGP conveniently, but sufficiently securely for my personal needs.