What is the recommendation? Would be helpful to mention reason for recovery-share=1 in the tutorial. My guess is it’s gonna be auto-unsealed anyway, no point having too many recovery keys unless explicit company policy.
I think it was just arbitrary, as recovery keys are separate from unseal keys. This distinction was clearer (to me) in the seal migration documentation: