Hi Chris, On 27.08.2019 17:52, Chris Narkiewicz via Gnupg-users wrote:
On 26/08/2019 19:47, Wiktor Kwapisiewicz via Gnupg-users wrote:If one sets URL field on the token then just plugging the token when OpenKeychain is opened is enough to get the key ready-to-use.Can you explain what kind of workflow do you mean here?
I mean you start OpenKeychain, touch the NFC token and get the import key screen (see attachment). This is very straightforward, no need to mess with passwords and secret key files.
OpenPGP software requires public keys but tokens don't store them so own public keys need to be transmitted somehow. Fortunately OpenPGP Card spec has a "URL of public key" field.
You can see/set the value this way: $ gpg --card-edit Reader ...........: ... Application ID ...: ... Version ..........: 2.1 Manufacturer .....: Yubico ... URL of public key : https://metacode.biz/@wiktor/openpgp/key Login data .......: wiktorThis is in turn used by OpenKeychain (but also by gpg --card-edit and "fetch" subcommand) to download public parts.
Kind regards, Wiktor
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
