Post
Topic
Board Bitcoin Discussion
Re: I received my free Yubikey from MtGox today
by Maged on 10/08/2011, 03:07:01 UTC
I was under the impression that MtGox used both keys.

After reading the forum I came to the same conclusion. But why? What's the reason to allocate both slots if just one is needed for OTP? Even if they do not want to share secret keys with Yubico (but I would trust them more than MtGox: they have never lost their database, while MtGox was hacked because someone stole the database. What will happen if the database with secret keys is stolen next time?), they need just one slot.
It's so that if you are man-in-the-middled, the worst someone could do is log in and trade. They wouldn't be able to withdraw, even if they had you pregenerate a bunch of OTPs for login.
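
The separation described in the reply above, as an added example that is not part of the original post and not MtGox's code: each slot has its own secret and the server binds each secret to one action, so codes collected from the login slot never authorize a withdrawal. It uses OATH-HOTP (RFC 4226) as a stand-in for the token's OTP scheme; `SlotVerifier`, `Account` and both secrets are hypothetical names and constructed values.

```python
import hashlib
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 8) -> str:
    """RFC 4226 HOTP value for one counter position."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class SlotVerifier:
    """Server-side state for one token slot (hypothetical helper)."""
    def __init__(self, secret: bytes, window: int = 20):
        self.secret = secret
        self.next_counter = 0  # lowest counter value still acceptable
        self.window = window   # look-ahead for unused button presses

    def verify(self, otp: str) -> bool:
        for c in range(self.next_counter, self.next_counter + self.window):
            if hmac.compare_digest(hotp(self.secret, c), otp):
                self.next_counter = c + 1  # burn this code and all earlier ones
                return True
        return False

class Account:
    """Binds each slot to exactly one action (hypothetical helper)."""
    def __init__(self, login_secret: bytes, withdraw_secret: bytes):
        self.slots = {"login": SlotVerifier(login_secret),
                      "withdraw": SlotVerifier(withdraw_secret)}

    def authorize(self, action: str, otp: str) -> bool:
        return self.slots[action].verify(otp)

# Constructed sample secrets, one per slot.
LOGIN_SECRET = b"constructed-login-slot-secret"
WITHDRAW_SECRET = b"constructed-withdraw-slot-secret"

def demo() -> dict:
    account = Account(LOGIN_SECRET, WITHDRAW_SECRET)
    # Codes from the login slot only, as in the pregenerated-OTP case above.
    login_codes = [hotp(LOGIN_SECRET, c) for c in range(5)]
    return {
        "login_with_login_code": account.authorize("login", login_codes[0]),
        "login_code_replayed": account.authorize("login", login_codes[0]),
        "withdraw_with_login_codes": any(
            account.authorize("withdraw", otp) for otp in login_codes),
        "withdraw_with_withdraw_code": account.authorize(
            "withdraw", hotp(WITHDRAW_SECRET, 0)),
    }

if __name__ == "__main__":
    print(demo())
```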