Feature wishlist. ;)

2018-04-01 Thread Dirk Gottschalk via Gnupg-users 
Hi.

Here comes my list of "nice to have" functions for future versions.

- Full CA functionality in GPGsm, incl. CRLs and extended attributes
  for signed certificates

- A free cup of coffee, every time GPG tells a function may take a
  while

- A Medal of honor after 1.000 signatures.

- And, last, but not least, a complete manual.

Okay, only the first and the last ones are realistic. But, don't take
me all of my dreams. :-D

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen
Tel.: +49 1573 1152350

signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Again: Writing DER certificates to ZeitControl Cards

2018-04-01 Thread NIIBE Yutaka 
Dirk Gottschalk via Gnupg-users  wrote:
> I asked this Question a while ago, but unfortunately didn't get any
> response. So, I ask again and I'm in hope that somebody here knows any
> Answer to this. I just want to know if the cards do not support it, or
> is somebething wrong with my setup?

Most likely, the length of certificate matters.  If you can minimize
your certificate, please try.  I don't know the limitation for the card.
In case of my own implementation, I can only support data less than
2048-byte.

> Are these cards not capable of getting certs written on, or am I
> missing something?

FWIW, let me explain my opinion.  This might be irrelevant to the
implementation on ZeitControl Card, though.

The feature is one of the most difficult parts for an implementer of
OpenPGP card.  For my own implementation, I cannot implement it fully,
because of the possibility of larger size.  So, users of Gnuk Token have
to use special tool to write certificate, while reading is OK.

Since the feature is questionable for me (no real good use case), I even
put a compile time option for Gnuk to disable it, and that's the
default now.
-- 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users