On 02/08/2017 12:13 PM, Marko Bauhardt wrote:
You mean that this “stub” contains no information which can be use to sign/decrypt/authenticate?
Yes. The stub contains only the serial number of the smartcard on which the private key is stored.
Or in other words in case someone steal this key, he/she can nothing do with that particular key, only in case the GPG key is located on a smartcard?
The stub is completely useless without the corresponding smartcard, yes.
But if the key is not on the smart card this corresponding key can be use to sign/enc/auth?
If the key is not on a smartcard, then the file contains the whole private key. Note, however, that the key is stored in an encrypted form, which means that stealing the file is not enough: your attacker would also need to know your passphrase to make any use of the key.
I can not really find some detailed documentation of the `private-keys-v1.d` folder. Do you have some docu?
I don't think it has really been documented. I guess the source code *is* the documentation.
Damien
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
