>> Smartcards exist to keep private keys safe(r) from being stolen. >> They do a pretty good job of that. But when we expect smartcards >> to be able to somehow make a compromised environment safe to >> operate in, then we've crossed the line and turned them into magic >> crypto fairy dust. > > Yes, but maybe you are missing an interesting point...
You're changing the subject slightly. :) The thread is about letting a legitimate user continue to safely use the system; you're talking about limiting the damage an attacker can do. The two are related but different. The idea might be good for damage mitigation; but for permitting continued normal operation, it's IMO a non-starter on every level.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
