On Sun, 26 Aug 2018 00:31, gnupg-users@gnupg.org said: > decrypted file itself could/would be read by a third party. The session > key is, in this moment, the least problematic thing on your system.
Right. We assume physical security. The connection between the card reader and the host is not encrypted because that would require a key setup first and that would also be subject to key logging. Or you need to configure a session key on the host and on your reader. That would be very inconvenient. Communication between the host and the _card_ can indeed be encrypted but that is subject to the same problem. The common use case for this is to encrypt the communication between the card and a remote host utilizing the card (e.g. ATM and bank) but that a preshared key etc. has already been setup. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgpGAJfr9Vpln.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users