You've got the wrong perception of even the most sophisticated end-users out there. 5 GPG keys, deposit boxes / vaults in different states.. I mean what the hell? Even old beardy maintainers won't be bothered by that. You're talking about government-level threat models here.

Heck, even the idea of having to renew your resident GPG keys is a nightmare, let alone in different states. If you even let your master key expire on the device, you won't ever be able to renew it or its derived SSH keys, and will have to reset the device. That's not to mention fried keys, stolen keys, etc. Consumer-grade vaults can be picked in minutes, and most large banks do not issue new deposit boxes anymore.

Any paranoid/sophisticated user would be more than happy with having their SSH keys in 1Password & using their agent, or having one key at home w/ home alarm, one key on them.

> You've got the wrong perception of even the most sophisticated end-users out there. 5 GPG keys, deposit boxes / vaults in different states.. I mean what the hell? Even old beardy maintainers won't be bothered by that. You're talking about government-level threat models here.

You seem to misunderstand me.

They're not in vaults for protection from the government; the state can access them at will. They are in vaults for fire safety.

They are in multiple states for safety against natural disasters. If one bank floods or is destroyed, a copy exists elsewhere.

Each vault has two Yubikeys, to protect against fried keys. Two locations in case one is stolen, etc.

It's not about threat model, it's just about DR.

> Any paranoid/sophisticated user would be more than happy with having their SSH keys in 1Password & using their agent, or having one key at home w/ home alarm, one key on them.

Storing the keys in software makes them vulnerable to malware, which is ridiculously common. No "paranoid" required.

Most people are at home most of the time. If one key is at home and one key is "on [you]" and your house burns down, you lose all your keys and all your data so protected.

It's not some state-sponsored attacker that requires you to keep an extra key offsite in a fireproof room.
