Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-25 Thread NdK
On 25/06/2013 09:55, Werner Koch wrote: >> First: I trust more the RNG on a card than a SW one > A card based RNG is often nothing more than a PRNG with a card specific > seed. Modern cards seem to have a real hardware RNG. I'm referring to cards compatible with GlobalPlatform 2.1.1 (minimum

Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-25 Thread Werner Koch
On Tue, 25 Jun 2013 06:24, ndk.cla...@gmail.com said: > First: I trust more the RNG on a card than a SW one A card based RNG is often nothing more than a PRNG with a card specific seed. Modern cards seem to have a real hardware RNG. Compared to actual hardware RNGs they are very limited and pro

Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-24 Thread NdK
On 24/06/2013 16:01, Josef Schneider wrote: > Then you need a secure way to store the CA key. That is essentially > exactly the same problem! Nope. Throwaway CA! > I mean you can put it on a card and allow export of the CA key only if > the request is signed by a SuperSecureCA key... There's

Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-24 Thread Josef Schneider
On Mon, Jun 24, 2013 at 2:54 PM, NdK wrote: > > On 24/06/2013 10:15, Werner Koch wrote: > > >> A smartcard could be useful anyway, at least as a "portable keyring" > >> (if it didn't need initialization on every machine...). > > A USB memory stick fulfills the same purpose. > Not really secur

Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-24 Thread NdK
On 24/06/2013 10:15, Werner Koch wrote: >> A smartcard could be useful anyway, at least as a "portable keyring" >> (if it didn't need initialization on every machine...). > A USB memory stick fulfills the same purpose. Not really secure... >> And key export could be controlled (like in MyPGP

Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-24 Thread Werner Koch
On Sat, 22 Jun 2013 15:03, ndk.cla...@gmail.com said: > A smartcard could be useful anyway, at least as a "portable keyring" (if > it didn't need initialization on every machine...). A USB memory stick fulfills the same purpose. > And key export could be controlled (like in MyPGPid card): privat

Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-22 Thread NdK
On 22/06/2013 09:35, Heinz Diehl wrote: > The whole point with a smartcard is that it's a lot easier to memorize > the PIN than a long and complicated passphrase, and that the private > key can't be exported. If it can, there's no need for a smartcard. I quite disagree, here. A smartcard coul

Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-22 Thread Heinz Diehl
On 20.06.2013, Henry Hertz Hobbit wrote: > Try the backup from GPA's menu. I doubt you will get anything > that can be exported. If you get a backupg.gpg (or similar), then try > importing your secret keys onto a second system with GPGWIN installed. The thing is, if there's a command to export

Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-19 Thread Henry Hertz Hobbit
On 06/19/2013 03:21 PM, Heinz Diehl wrote: > On 18.06.2013, NdK wrote: > >> If the key is generated on-card, you have no way to back it up. No need >> for "unexportable" flag: simply there's no command to export it. > > And if the key is generated off-card and properly moved to the > smartcard af

Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-19 Thread Heinz Diehl
On 18.06.2013, NdK wrote: > If the key is generated on-card, you have no way to back it up. No need > for "unexportable" flag: simply there's no command to export it. And if the key is generated off-card and properly moved to the smartcard afterwards, there's no way to export it either. It's only

Re: How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-17 Thread NdK
On 17/06/2013 20:22, T L wrote: > Under GPA in Windows there is an option to back up the private key from an > OpenPGP smartcard. The smartcard protocol of a standard OpenPGP card doesn't allow it. MyPGPid card will allow a controlled export. > My understanding is that one of the main purposes o

How do I make the private key on a OpenPGP smartcard non exportable ?

2013-06-17 Thread T L
Under GPA in Windows there is an option to back up the private key from an OpenPGP smartcard. My understanding is that one of the main purposes of smartcard use is to prevent the private key from being exported and force cryptographic operations through the card. Is there a method of setting the priva