Hi, I wrote up some notes and ideas on how to do backups of private
keys, which is needed for sigsum primary-secondary failover.
I would hope the way I propose (if it actually works) could be
implemented on a Tillitis key. I have no idea if something like that is
supported by yubico hsm, but I think Linus is investigating.
See
https://git.glasklar.is/sigsum/project/documentation/-/blob/main/archive/20…,
all comments and feedback appreciated.
/Niels
