On Fri, Feb 7, 2014 at 8:42 AM, Kostantinos Koukopoulos
koukopoulos+gnupg-us...@gmail.com wrote:
Makes sense, So does anyone know the version of BasicCard used for openpgp
cards? Or who to contact with this question? I asked at the distributor (
kernelconcepts.de) and they said they couldn't
On 13/02/14 12:13, Kostantinos Koukopoulos wrote:
Of course in the end it still comes down to the question of how much we
trust ZeitCorp, but I have no positive reason not to. Using these cards has
risk of course but much smaller than the potential for increased security.
If you create keys on
Am Do 13.02.2014, 14:32:56 schrieb Peter Lebbing:
If you create keys on the card [...], the included RNG is not used
How do you want to create a key on the card without an RNG?
Hauke
--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
On Thu, 13 Feb 2014 19:32:19 +0100
Werner Koch w...@gnupg.org wrote:
... of the specs. Not of the concrete implementation. I hesitated to
sign an NDA and thus have no more insight into this than most others.
You've got to sign an NDA to learn about the implementation of this
security device
On 13/02/14 21:13, Luis Ressel wrote:
You've got to sign an NDA to learn about the implementation of this
security device which is supposed to be open?
You need an NDA to get the SDK, and you can't disclose the source code for your
application. You don't need the implementation details of a
Il 13/02/2014 21:29, Peter Lebbing ha scritto:
Although I think there's a trend towards more openness, and I learned a while
ago that you can get crypto-capable JavaCards these days without requiring an
NDA.
I've been able to work on JavaCards w/o having to sign anything (except
the
On Thu, 13 Feb 2014 21:36, ndk.cla...@gmail.com said:
I've been able to work on JavaCards w/o having to sign anything (except
I am not interested in those small applications on the smartcard as long
as I can't scrutinize the real code, i.e. the OS. Whether those
applications are written for a
Il 13/02/2014 23:20, Werner Koch ha scritto:
[JavaCards]
I am not interested in those small applications on the smartcard as long
as I can't scrutinize the real code, i.e. the OS. Whether those
applications are written for a p-code system (JavaCard, BasicCard) or
for the native CPU doesn't
On Wed, Feb 5, 2014 at 10:01 AM, Michael Anders micha...@gmx.de wrote:
In my opinion a (good) PRNG seeded properly under user control is no
problem.
If -as the FAQ seems to tell- it is primed during production, beyond
user control, this implies that normal users have to fully trust the
Hello,
Aparrently the OpenPGP card is based on BasicCard [1] and from the
BasicCard FAQ [2] I read:
For Enhanced BasicCards, the card has no hardware generator. The Enhanced
BasicCards contain a unique manufacturing number which cannot be read from
outside the card. The Rnd function uses
Hello,
Aparrently the OpenPGP card is based on BasicCard [1] and from the
BasicCard FAQ [2] I read:
For Enhanced BasicCards, the card has no hardware generator. The Enhanced
BasicCards contain a unique manufacturing number which cannot be read from
outside the card. The Rnd function uses this
11 matches
Mail list logo
