On 2020/01/08 17:29, Franck Routier (perso) wrote: > Notice that some features, like the metal contact toggle on some yubikey > can mitigate the problem of having an attacker with full local access. > You then have to touch the key each time you want to use it, so > illegitimate access would be noticed.
On my yubikey at least, the touch contact is only used for the FIDO 2FA - the PGP smartcard feature is secured by PIN as per any other smartcard. -- Andrew Gallagher _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
