nagmat84 Apprentice
Joined: 27 Mar 2007 Posts: 297
Posted: Mon May 20, 2024 10:15 am Post subject: What to do with secret key of GPG principal key? Stash away?
I bought a Yubikey which provides a GPG module and three key "slots". I followed the guides and
- created a principal key with certification capabilities only and unlimited expiration date,
- added three sub-keys for signing, decryption and authorization,
- created a backup of the secret key, public key and revocation certificate on an external USB stick with a keypad,
- moved the secret keys of the sub-keys to the Yubikey.
I am wondering what I should do with the secret key of the principal key. As far as I understand, the principal key is only needed for certification of other public keys and to create new sub-keys when the current ones expire. So it is much less frequently used than the other keys. I am surprised that the Yubikey allows one to store the secret keys of the three sub-keys but not the secret key of the principal key. IMHO, the principal key is much more at risk, because it allows one to do key management (create new sub-keys, certify other keys, create revocation certificates).
Question 1: Should I delete the secret key of the principal key from my key ring as I have it on my backup stick?
After I had moved the sub-keys to the Yubikey, GnuPG automatically deleted the secret keys from my keyring.
Question 2: How do I create a second Yubikey identical to the first one as a backup?
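The key layout the post describes (certify-only primary, three subkeys, offline backup, primary secret key stashed away) can be reproduced non-interactively with GnuPG, which makes it easy to see what "sec#" looks like and that daily signing keeps working once the primary secret is gone. The script below is an added example, not the poster's commands nor anything from the GnuPG or Yubico documentation. It assumes GnuPG 2.1 or later on PATH, an empty passphrase so it runs unattended (a real key would have one), a made-up user ID, and a temporary directory standing in for the USB stick. It removes the primary secret key by deleting its keygrip file from the agent's store, which is one of the two usual methods (the other is re-importing the output of `--export-secret-subkeys` after `--delete-secret-keys`).

```shell
#!/bin/sh
# Added example: certify-only primary key, three subkeys, offline backup,
# then stash the primary secret key so only a stub ("sec#") stays in the keyring.
# Assumed: GnuPG >= 2.1 on PATH, empty passphrase for an unattended demo,
# a made-up user ID, temporary dirs instead of a real keyring and USB stick.
set -eu

GPG_UID='Example Primary <example@example.invalid>'   # assumed, demo only

# gpg wrapper: batch mode, no prompts, empty passphrase (never do this for a real key).
g() { gpg --batch --yes --pinentry-mode loopback --passphrase '' "$@"; }

cleanup() {
    gpgconf --kill gpg-agent 2>/dev/null || true
    rm -rf "$GNUPGHOME" "$BACKUP_DIR"
}

make_keys() {
    # Throwaway GNUPGHOME so the demo never touches the real keyring.
    GNUPGHOME=$(mktemp -d /tmp/gpgdemo.XXXXXX); export GNUPGHOME
    BACKUP_DIR=$(mktemp -d /tmp/gpgbackup.XXXXXX)   # stands in for the USB stick
    trap cleanup EXIT
    # Primary key: certify capability only, expiration 0 = never.
    g --quick-generate-key "$GPG_UID" ed25519 cert 0 2>/dev/null
    FPR=$(gpg --batch --with-colons --list-keys "$GPG_UID" \
          | awk -F: '$1=="fpr"{print $10; exit}')
    # Subkeys for signing, encryption and authentication, each valid for one year.
    g --quick-add-key "$FPR" ed25519 sign 1y
    g --quick-add-key "$FPR" cv25519 encr 1y
    g --quick-add-key "$FPR" ed25519 auth 1y
}

back_up() {
    # Everything needed to rebuild the keyring or load a second token later.
    g --armor --export "$FPR"                > "$BACKUP_DIR/public.asc"
    g --armor --export-secret-keys "$FPR"    > "$BACKUP_DIR/primary-and-subkeys.asc"
    g --armor --export-secret-subkeys "$FPR" > "$BACKUP_DIR/subkeys-only.asc"
    # GnuPG 2.1+ writes a revocation certificate at key creation; keep it with the backup.
    if [ -f "$GNUPGHOME/openpgp-revocs.d/$FPR.rev" ]; then
        cp "$GNUPGHOME/openpgp-revocs.d/$FPR.rev" "$BACKUP_DIR/revocation.rev"
    fi
}

stash_primary() {
    # The primary's keygrip is the first 'grp' record in the secret-key listing.
    GRIP=$(gpg --batch --with-colons --with-keygrip --list-secret-keys "$FPR" \
           | awk -F: '$1=="grp"{print $10; exit}')
    # Deleting that file from the agent's store leaves a stub; subkeys stay usable.
    rm "$GNUPGHOME/private-keys-v1.d/$GRIP.key"
}

primary_status() {
    # Prints "sec#" when the primary secret key is only a stub, "sec" when present.
    # (With --with-colons the same marker appears as '#' in field 15 of the sec record.)
    gpg --batch --list-secret-keys "$FPR" 2>/dev/null | awk '$1 ~ /^sec/ {print $1; exit}'
}

subkey_signing_works() {
    # Daily use only needs the subkeys: sign and verify without the primary secret.
    printf 'hello\n' | g --armor --local-user "$FPR" --sign | gpg --batch --verify 2>/dev/null
}

main() {
    make_keys
    back_up
    stash_primary
    echo "primary secret key status: $(primary_status)   (sec# = stub only)"
    subkey_signing_works
    echo "signing and verifying with the subkey still works"
    gpg --batch --list-secret-keys "$FPR"
}

main
```

After `stash_primary`, `gpg -K` shows `sec#` for the primary while `ssb` entries remain, which is exactly the state the keyring ends up in once the subkeys have been moved to a token; certifying other keys or adding subkeys later means importing `primary-and-subkeys.asc` from the backup into a temporary `GNUPGHOME` and deleting it again afterwards.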