On Sun, 01 Jan 2006 12:57:27 -0700, Kurt Fitzner said: > 1) Is it possible to erase one? For example, if a set of three keys has > been generated on the card, and if later that card is going to be used > for one or two subkeys, can the unused keys on the card be erased? It > would be nice to return the card to an unused state for reuse.
It is on my todo list. The way it will work is by storing a dummy key on the card (which erases the old one) and to clear the fingerprint. > 2) Is it possible to export only the smartcard private key stubs from a > normal RSA key pair that has smartcard subkeys? In other words, once I > have made smartcard subkeys of a regular RSA key, and once they are on > the card, how can I use the card on another PC without transporting the > full master secret key? If the key is missing a stub should be created automagically if you run gpg --card-status on the other machine. > 3) Is it possible to set the private DO 1 and DO 2 fields to anything? /* Note, that we do not announce this command yet. */ { "privatedo", cmdPRIVATEDO, 0, NULL }, On the --card-edit prompt enter: privatedo N and you will be asked for the value or privatedo N < FILE and the data will be taken from FILE - useful for binary data. This redirection works also with the login command. > 4) Is the card serial number stored in the keyring? Can GnuPG be > configured to ask for the correct card when there is no card inserted, > rather than just when the wrong card is inserted? Yes, this should work when using the pinentry. On Windows you need check the status code yourself: CARDCTRL <what> [<serialno>] This is used to control smartcard operations. Defined values for WHAT are: 1 = Request insertion of a card. Serialnumber may be given to request a specific card. 2 = Request removal of a card. 3 = Card with serialnumber detected 4 = No card available. 5 = No card reader available > 5) Related to 4, is it possible to use GnuPG to query for the serial > number of the card associated with a key? I would like to make GPGee > able to ask for a card when one is needed, but don't know how to find > out which card to prompt for. See above. Shalom-Salam, Werner _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users