(x-posting this from AskNetSec because I haven't got a reply over there).
Hey,
Can someone weigh up the pros and cons of 1) having secret GPG keys stored on a hardware token, which also handles all of the cryptographic operations (e.g. a YubiKey), compared to 2) storing secret GPG keys in a virtual machine, isolated from the internet (as is the method used in Qubes' Split-GPG)?
For the scenario of an attacker gaining remote access to a system, I presume the latter option will be preferable. To flip it around, do GPG hardware tokens still protect the secret keys if your system gets pwned?