Re: use policy of the GnuPG-card

2017-07-16 Thread Peter Lebbing
On 16/07/17 21:25, Matthias Apitz wrote:
> Why we only have a counter for the signing key?

I don't think a decryption counter makes sense as you'll decrypt the same data multiple times (a signature is made only once). An authentication counter would make more sense. However, you can't collect all

Re: use policy of the GnuPG-card

2017-07-16 Thread Matthias Apitz
On Thursday, July 13, 2017 at 03:57:47 p.m. +0200, Werner Koch wrote:
> ...
>
> For the signing key we have a signature counter and if you can memorize
> the count and the number of signatures you did, you have a way to detect
> malicious use of that key. Better malware could of course

Re: use policy of the GnuPG-card

2017-07-13 Thread Robert J. Hansen
> One problem comes obviously in mind: Someone with priv access to your
> workstation,

You just lost. Everything after this sentence is irrelevant. Once an attacker has privileged access to your machine it's all over.

> How is this supposed to be managed?

It can't be. GnuPG is only for use i

Re: use policy of the GnuPG-card

2017-07-13 Thread Werner Koch
On Thu, 13 Jul 2017 12:49, g...@unixarea.de said:
> How is this supposed to be managed?

You can't do anything about it. The card protects your key against compromise - but not the use of the key. For the signing key we have a signature counter and if you can memorize the count and the number of

Re: use policy of the GnuPG-card

2017-07-13 Thread Andreas Heinlein
On 13.07.2017 at 13:44, Andrew Gallagher wrote:
> On 2017/07/13 11:49, Matthias Apitz wrote:
>> One problem comes obviously in mind: Someone with priv access to your
>> workstation,
>> for example IT personal, could relatively easy steal your passwords, just
>> setting your
>> environment and wa

Re: use policy of the GnuPG-card

2017-07-13 Thread Andrew Gallagher
On 2017/07/13 11:49, Matthias Apitz wrote:
>
> One problem comes obviously in mind: Someone with priv access to your
> workstation,
> for example IT personal, could relatively easy steal your passwords, just
> setting your
> environment and waiting for the moment that you have unlocked the card

use policy of the GnuPG-card

2017-07-13 Thread Matthias Apitz
Hello, I'm using the GnuPG card for signing, SSH, password-store (Firefox web passwords) and locking un-locking the KDE desktop on card-insert or withdraw. After resolving some technical (FreeBSD) issues, I now have it on daily usage on my netbook and my workstation in the office. One problem c