> Am Mi 06.02.2013, 10:28:13 schrieb Peter Lebbing: > >> Can you explain (broadly) how one would compromise the signature/the >> device >> that you sign with? > > That seems easy to me: Except for small amounts (secure device's display > capacity) of very simple data (plain text) you have the problem that the > PC > which you need to create (and view) the data to be signed sends a blob to > the > secure device which is opaque to you. > > The problem is not to forge a signature but the difficulty to force that > only > data with checked integrity gets signed. How are you going to do that with > a > PDF?
Text only is all I need. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
