Martin Paljak wrote: > > Of course, if your card is damaged, lost or stolen, your > > certification should be revoked by the CA and reissued with a new > > certification. But you still need the old key to decrypt old data > > to re-encrypt with the new key, right? > > Correct.
If encryption code was better at handling this cryptosystem failure mode they would make it much easier to create a backup card that could then be stored out of daily use. At the moment it's complicated, but definately the best way to protect against a lost key. //Peter _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
