Re: PGP and Smartcards?

2005-07-26 Thread Jan Niehusmann
On Mon, Jul 25, 2005 at 04:26:49PM +0200, Zeljko Vrba wrote: - you can't use it remotely (yes, I know, it's bad for security, but I'm comfortable with it since I've defined my threat model) - maybe you'll want to access your mail from some computer on which you're not allowed to install the

Re: PGP and Smartcards?

2005-07-25 Thread Werner Koch
On Fri, 22 Jul 2005 22:42:20 +0200, Zeljko Vrba said: I would disagree on that. Java Card is totally programmable and if you want you can implement the complete ISO7816 command set (as far as the Sorry, this was a misinterpretation by me. hardware permits, of course). The downside is that

Re: PGP and Smartcards?

2005-07-25 Thread Werner Koch
On Fri, 22 Jul 2005 23:42:39 +0200, Felix E Klee said: Your wording implies that the cards I mentioned aren't both secure and fast. Any pointers? No, I was just not aware that they support 2k RSA and key generation in particular. My (old) specs don't say so. isn't that interesting,

Re: PGP and Smartcards?

2005-07-25 Thread Zeljko Vrba
Felix E. Klee wrote: Huh? AFAICS, in general it is more important to have the subkeys on a smart card than the master key. After all the master key can be stored But then you cannot commit a mortal sin of using GPG remotely ;) Seriously, I think you have a very strong point in case of

Re: PGP and Smartcards?

2005-07-25 Thread Zeljko Vrba
Werner Koch wrote: On Fri, 22 Jul 2005 23:42:39 +0200, Felix E Klee said: isn't that interesting, though. The point is that AFAICS PKCS#11 clearly defines an API, and perhaps it may become an ISO standard in the No it does not define a clean API. Almost everyone is using proprietary

Re: PGP and Smartcards?

2005-07-25 Thread Zeljko Vrba
Werner Koch wrote: Well for the OpenPGP card you don't need any filesystem as we only use the get/put data commands. Thus a simple offset,length table is what you need. Well, you know that of course. Yeah, I know that very well :) It took me a bit of time to correctly implement the

Re: PGP and Smartcards?

2005-07-22 Thread Werner Koch
On Thu, 21 Jul 2005 12:25:49 +0200, Felix E Klee said: * Can I use GnuPG for signing and decryption with a smart card and 2048 bit RSA keys? What limitations do I have to expect, if any? Cards able to generate and use 2k RSA keys are not easily available. This will change in a year or

Re: PGP and Smartcards?

2005-07-22 Thread Werner Koch
On Fri, 22 Jul 2005 19:01:57 +0200, Felix E Klee said: OpenPGP cards with 2048 bit keys don't seem to be available at all. However, ordinary ISO 7816-4 compliant smart cards are available through online outlets. For example CryptoFlex and CyberFlex cards can be Good luck getting a secure and

Re: PGP and Smartcards?

2005-07-22 Thread Zeljko Vrba
Werner Koch wrote: On Fri, 22 Jul 2005 19:01:57 +0200, Felix E Klee said: Uh, I guess this would cost me too much time. One solution, though, would be to buy a JavaCard and try to run and enhance the OpenPGP Java implementation that was started by Zeljko Vrba [3]. Java cards do have some

Re: PGP and Smartcards?

2005-07-22 Thread Felix E. Klee
At Fri, 22 Jul 2005 22:42:20 +0200, Zeljko Vrba wrote: Felix, if you wish to finish the applet yourself, I can help you a bit with the existing code, if you need help. Right at the moment, I also have time problems ;-). But I may be interested to do that in the near future. -- Felix E. Klee

PGP and Smartcards?

2005-07-21 Thread Felix E. Klee
I'd like to do PGP with a Smartcard that contains my main private key (I want to go for 2048 RSA, it should last for about five years) and subkeys (they should each last for about six months). I didn't buy a smart card for this purpose yet, and before I go ahead, I'd like to get some questions
