On Du, 21 mar 21, 09:55:32, Andrei POPESCU wrote:
>
> Of course the *primary* private key should be protected properly. A
> Debian recommendation (that I can't find) was suggesting to generate and
> keep it on a Tails USB stick and use it only for certifying other keys.
>
> Day to day work (messages, signing packages, etc.) should be done with
> sub-keys instead.
Found it:
https://wiki.debian.org/GnuPG/AirgappedMasterKey
Kind regards,
Andrei
--
http://wiki.debian.org/FAQsFromDebianUser