[git] gnupg-doc - branch, master, updated. d83aebe0b394e1da677976fe0e92094e58f50900
by Nicole Faerber
cvs at cvs.gnupg.org
Fri Jul 7 10:04:46 CEST 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GnuPG website and other docs".
The branch, master has been updated
via d83aebe0b394e1da677976fe0e92094e58f50900 (commit)
from a69e5c0c1415829c5fa082e2951565ad2e1afb98 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d83aebe0b394e1da677976fe0e92094e58f50900
Author: Nicole Faerber <nicole.faerber at id3p.com>
Date: Wed Jun 28 16:54:31 2017 +0200
Updated links and contact info for ordering OpenPGP smartcards and readers
Signed-off-by: Nicole Faerber <nicole.faerber at id3p.com>
diff --git a/misc/howtos.gnupg.org/card-howto/en/apa.html b/misc/howtos.gnupg.org/card-howto/en/apa.html
index c6ada87..fa4b0fe 100644
--- a/misc/howtos.gnupg.org/card-howto/en/apa.html
+++ b/misc/howtos.gnupg.org/card-howto/en/apa.html
@@ -108,15 +108,15 @@
</td>
<td align="left" valign="top">
<p>Currently we know that you may order card
- readers from <a href="http://www.kernelconcepts.de/products/security.shtml" target="_top">kernelconcepts</a>. The
+ readers from <a href="https://www.floss-shop.de/en/security-privacy/" target="_top">FLOSS-Shop</a>. The
website is only in German, but you can order the
"USB Chip-Karten Lesegeraet SCM SCR-335" for 29,00
EUR from all over Europe; either by prepayment via
bank transfer or paypal. You have to sent your
orders via email to
- <code class="email"><<a href="mailto:order at kernelconcepts.de">order at kernelconcepts.de</a>></code>. If you
+ <code class="email"><<a href="mailto:order at floss-shop.de">order at floss-shop.de</a>></code>. If you
have questions considering the order you can
- contact <code class="email"><<a href="mailto:info at kernelconcepts.de">info at kernelconcepts.de</a>></code> in
+ contact <code class="email"><<a href="mailto:info at floss-shop.de">info at floss-shop.de</a>></code> in
English or German.</p>
<p>In the UK, SCM card readers can be purchased online from
<a href="" target="_top">http://www.crownhill.co.uk/</a>.
diff --git a/misc/howtos.gnupg.org/card-howto/en/ch02s02.html b/misc/howtos.gnupg.org/card-howto/en/ch02s02.html
index b340c94..8250b9b 100644
--- a/misc/howtos.gnupg.org/card-howto/en/ch02s02.html
+++ b/misc/howtos.gnupg.org/card-howto/en/ch02s02.html
@@ -34,7 +34,7 @@
</div>
</div>
<p>First you need an OpenPGP compatible smart card which can, for example, be obtained by <a href="https://www.fsfe.org/join_us/" target="_top">becoming a fellow</a> of the <a href="http://www.fsfeurope.org" target="_top">Free Software Foundation Europe</a>.</p>
- <p>Card readers (NOT those used for flash memory cards) can be obtained from computer stores (e.g. <a href="http://www.kernelconcepts.de/products/security-en.shtml" target="_top">http://www.kernelconcepts.de/products/security-en.shtml</a>).</p>
+ <p>Card readers (NOT those used for flash memory cards) can be obtained from computer stores (e.g. <a href="https://www.floss-shop.de/en/security-privacy/" target="_top">https://www.floss-shop.de/en/security-privacy/</a>).</p>
<div class="section" lang="en" xml:lang="en">
<div class="titlepage">
<div>
diff --git a/misc/howtos.gnupg.org/card-howto/en/smartcard-howto-single.html b/misc/howtos.gnupg.org/card-howto/en/smartcard-howto-single.html
index dea3cde..1065d90 100644
--- a/misc/howtos.gnupg.org/card-howto/en/smartcard-howto-single.html
+++ b/misc/howtos.gnupg.org/card-howto/en/smartcard-howto-single.html
@@ -9,7 +9,7 @@
</p><div class="itemizedlist"><ul type="disc"><li><p>3 independent 1024 bit RSA keys (signing,encryption,authentication).</p></li><li><p>Key generation on card or import of existing keys.</p></li><li><p>Signature counter.</p></li><li><p>Data object to store an URL to access the full OpenPGP public key.</p></li><li><p>Data objects for card holder name etc.</p></li><li><p>Data object for login specific data.</p></li><li><p>Length of PIN between 6 and 254 characters; not restricted to numbers.</p></li><li><p>T=1 protocol; compatible with most readers.</p></li><li><p>Specification freely available and usable without any constraints.</p></li><li><p>Reasonably priced. </p></li></ul></div><p>
</p></div></div><div class="chapter" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="id2456320"></a>Chapter 2. Installation for GNU/Linux</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#id2456329">2.1. Prerequisites</a></span></dt><dd><dl><dt><span class="section"><a href="#id2456428">2.1.1. Installation of GnuPG</a></span></dt></dl></dd><dt><span class="section"><a href="#id2503306">2.2. Required Hardware</a></span></dt><dd><dl><dt><span class="section"><a href="#id2503342">2.2.1. A List of tested Readers</a></span></dt></dl></dd><dt><span class="section"><a href="#id2503642">2.3. Installation of Card Reader</a></span></dt><dd><dl><dt><span class="section"><a href="#id2503652">2.3.1. CCID (Chip Card Interface Description)</a></span></dt><dt><span class="section"><a href="#id2504251">2.3.2. PC/SC (Personal computer/Smart Card)</a></span></dt></dl></dd></dl></div><p>Since version 1.3.90 GnuPG supports smart cards by default.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id2456329"></a>2.1. Prerequisites</h2></div></div></div><p>Please make sure that libusb is available prior to building GnuPG. It can be obtained from <a href="http://prdownloads.sourceforge.net/libusb" target="_top">http://prdownloads.sourceforge.net/libusb</a>. On Debian GNU/Linux a simple <strong class="userinput"><code>apt-get install libusb-dev</code></strong> should be sufficient.</p><p>If you are not using an USB reader please also install libpcsclite and libpcsclite-dev. On Debian GNU/Linux a simple <strong class="userinput"><code>apt-get install libpcsclite libpcsclite-dev</code></strong> should be sufficient.</p><p>If your reader is a native USB device and supports the CCID (Chip Card Interface Description) specification it is directly supported by GnuPG.</p><p>Most USB readers today still behave like serial readers. In this case you need the kernel module pl2303 to access the reader. This module is a "USB Serial Driver" which can be found under
<span class="guimenu">Device Drivers</span>-><span class="guimenuitem">USB-Support</span>-><span class="guimenuitem">USB Serial Converter Support</span>-><span class="guimenuitem">USB Prolitic 2303</span>
- in the 2.6 kernel configuration. This module makes sure that the proprietary reader protocol is translated to a standard protocol.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id2456428"></a>2.1.1. Installation of GnuPG</h3></div></div></div><p>Without an installation of GnuPG the OpenPGP card will be of little use. So, please, go ahead and install it.</p><p>GnuPG can be downloaded from <a href="http://www.gnupg.org/download/index.html" target="_top">http://www.gnupg.org/download/index.html</a>. Please use the recent stable version.</p><p>After downloading and patching the sources GnuPG is installed with the usual <strong class="userinput"><code>./configure</code></strong>, <strong class="userinput"><code>make</code></strong>, <strong class="userinput"><code>make install</code></strong>. For further information please refer to the installation instructions shipped with GnuPG.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3>If you are running Debian GNU/Linux you can also build your own Debian package with <strong class="userinput"><code>dh_make</code></strong> and <strong class="userinput"><code>debuild</code></strong> in the source directory. After that you can install it the usual way with <strong class="userinput"><code>dpkg -i gnupg-version.deb</code></strong></div><p>If you are using the 1.9 branch of GnuPG and plan to use the PC/SC driver you should now install the software to make sure that the pcsc wrapper binary will be available at the right place.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id2503306"></a>2.2. Required Hardware</h2></div></div></div><p>First you need an OpenPGP compatible smart card which can, for example, be obtained by <a href="https://www.fsfe.org/join_us/" target="_top">becoming a fellow</a> of the <a href="http://www.fsfeurope.org" target="_top">Free Software Foundation Europe</a>.</p><p>Card readers (NOT those used for flash memory cards) can be obtained from computer stores (e.g. <a href="http://www.kernelconcepts.de/products/security-en.shtml" target="_top">http://www.kernelconcepts.de/products/security-en.shtml</a>).</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id2503342"></a>2.2.1. A List of tested Readers</h3></div></div></div><p>Please note that the USB device class for USB readers is 11 (or 0x0B in hex).</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h4 class="title"><a id="id2503353"></a>SCM Microsystems SCR335</h4></div></div></div><span class="inlinemediaobject"><img src="scr335-small.jpg" /></span><p>This is a small USB reader (CCID; 65*45*8mm)
+ in the 2.6 kernel configuration. This module makes sure that the proprietary reader protocol is translated to a standard protocol.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id2456428"></a>2.1.1. Installation of GnuPG</h3></div></div></div><p>Without an installation of GnuPG the OpenPGP card will be of little use. So, please, go ahead and install it.</p><p>GnuPG can be downloaded from <a href="http://www.gnupg.org/download/index.html" target="_top">http://www.gnupg.org/download/index.html</a>. Please use the recent stable version.</p><p>After downloading and patching the sources GnuPG is installed with the usual <strong class="userinput"><code>./configure</code></strong>, <strong class="userinput"><code>make</code></strong>, <strong class="userinput"><code>make install</code></strong>. For further information please refer to the installation instructions shipped with GnuPG.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3>If you are running Debian GNU/Linux you can also build your own Debian package with <strong class="userinput"><code>dh_make</code></strong> and <strong class="userinput"><code>debuild</code></strong> in the source directory. After that you can install it the usual way with <strong class="userinput"><code>dpkg -i gnupg-version.deb</code></strong></div><p>If you are using the 1.9 branch of GnuPG and plan to use the PC/SC driver you should now install the software to make sure that the pcsc wrapper binary will be available at the right place.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id2503306"></a>2.2. Required Hardware</h2></div></div></div><p>First you need an OpenPGP compatible smart card which can, for example, be obtained by <a href="https://www.fsfe.org/join_us/" target="_top">becoming a fellow</a> of the <a href="http://www.fsfeurope.org" target="_top">Free Software Foundation Europe</a>.</p><p>Card readers (NOT those used for flash memory cards) can be obtained from computer stores (e.g. <a href="https://www.floss-shop.de/en/security-privacy/" target="_top">https://www.floss-shop.de/en/security-privacy/</a>).</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id2503342"></a>2.2.1. A List of tested Readers</h3></div></div></div><p>Please note that the USB device class for USB readers is 11 (or 0x0B in hex).</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h4 class="title"><a id="id2503353"></a>SCM Microsystems SCR335</h4></div></div></div><span class="inlinemediaobject"><img src="scr335-small.jpg" /></span><p>This is a small USB reader (CCID; 65*45*8mm)
supported by GnuPG directly as well as by pcsclite.
This very device is actually the first reader
supported by GnuPG and the reason for the internal
@@ -389,15 +389,15 @@ sub 1024R/F6518D6B created: 2005-03-05 expires: never usage: E
[ultimate] (1). Archibald Goodwin (The Tester) <archi at foobar.example>
</pre></div><p>First create a signing key. If this kind of key already exists on the card, a security question has to be answered. Run <strong class="userinput"><code>save</code></strong> to commit the changes to the card. The key on the card will not be removed if you do not <strong class="userinput"><code>save</code></strong> the changes. You can create another subkey by again calling <strong class="userinput"><code>addcardkey</code></strong>. Choose the encryption key and proceed as explained.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>gpg will always use the latest created key of a given type.</p></div><p>There is no direct way to create a backup key of the card's decryption key like it is done with the <strong class="userinput"><code>generate</code></strong> command.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Make a copy of your secret key before running the following commands. Otherwise the whole procedure will be pointless.</p></div><p>A few steps more will help you to achieve this goal. First create a regular RSA subkey of 1024 bit length using the <strong class="userinput"><code>addkey</code></strong> command. Then select this new key and run <strong class="userinput"><code>keytocard</code></strong>. gpg transfers the key to the card and replaces the existing secret key with a stub.</p></div></div></div><div class="appendix" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="id2507278"></a>Appendix A. Appendix</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#id2507283">A.1. A small OpenPGP card FAQ</a></span></dt><dt><span class="glossary"><a href="#id2508366">Glossary</a></span></dt><dt><span class="bibliography"><a href="#id2508441">Further resources</a></span></dt></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id2507283"></a>A.1. A small OpenPGP card FAQ</h2></div></div></div><div class="qandaset"><dl><dt>A.1.1. <a href="#id2507296">If I'm correctly informed GnuPG and smartcards use 1024 Bit RSA. Some say the security level of RSA-1024 is comparable too about 80 Bit symmetric key and cannot be regarded as highly secure.</a></dt><dt>A.1.2. <a href="#id2507324">Where do I get a reader?</a></dt><dt>A.1.3. <a href="#id2508313">How do I use the cryptocard on MacOSX?</a></dt><dt>A.1.4. <a href="#id2508338">I am having problems, where do I get further
help?</a></dt></dl><table border="0" summary="Q and A Set"><col align="left" width="1%" /><tbody><tr class="question"><td align="left" valign="top"><a id="id2507296"></a><a id="id2507298"></a><b>A.1.1.</b></td><td align="left" valign="top"><p>If I'm correctly informed GnuPG and smartcards use 1024 Bit RSA. Some say the security level of RSA-1024 is comparable too about 80 Bit symmetric key and cannot be regarded as highly secure.</p></td></tr><tr class="answer"><td align="left" valign="top"><b></b></td><td align="left" valign="top"><p>The quality and security of the implementation and the entire environment and not the length of the key protect the secret key against a compromise by any non-physical attack.</p><p>2048 bit RSA is possible but at the moment far too expensive. The specification allows for 2048 Bit RSA cards. Feel free to build one.</p></td></tr><tr class="question"><td align="left" valign="top"><a id="id2507324"></a><a id="id2507326"></a><b>A.1.2.</b></td><td align="left" valign="top"><p>Where do I get a reader?</p></td></tr><tr class="answer"><td align="left" valign="top"><b></b></td><td align="left" valign="top"><p>Currently we know that you may order card
- readers from <a href="http://www.kernelconcepts.de/products/security.shtml" target="_top">kernelconcepts</a>. The
+ readers from <a href="https://www.floss-shop.de/en/security-privacy/" target="_top">FLOSS-Shop</a>. The
website is only in German, but you can order the
"USB Chip-Karten Lesegeraet SCM SCR-335" for 29,00
EUR from all over Europe; either by prepayment via
bank transfer or paypal. You have to sent your
orders via email to
- <code class="email"><<a href="mailto:order at kernelconcepts.de">order at kernelconcepts.de</a>></code>. If you
+ <code class="email"><<a href="mailto:order at floss-shop.de">order at floss-shop.de</a>></code>. If you
have questions considering the order you can
- contact <code class="email"><<a href="mailto:info at kernelconcepts.de">info at kernelconcepts.de</a>></code> in
+ contact <code class="email"><<a href="mailto:info at floss-shop.de">info at floss-shop.de</a>></code> in
English or German.</p><p>In the UK, SCM card readers can be purchased online from
<a href="" target="_top">http://www.crownhill.co.uk/</a>.
</p></td></tr><tr class="question"><td align="left" valign="top"><a id="id2508313"></a><a id="id2508316"></a><b>A.1.3.</b></td><td align="left" valign="top"><p>How do I use the cryptocard on MacOSX?</p></td></tr><tr class="answer"><td align="left" valign="top"><b></b></td><td align="left" valign="top"><p>There is a description on <a href="http://www.py-soft.co.uk/~benjamin/download/mac-gpg/" target="_top">http://www.py-soft.co.uk/~benjamin/download/mac-gpg/</a>.</p></td></tr><tr class="question"><td align="left" valign="top"><a id="id2508338"></a><a id="id2508341"></a><b>A.1.4.</b></td><td align="left" valign="top"><p>I am having problems, where do I get further
diff --git a/misc/howtos.gnupg.org/card-howto/en/smartcard-howto.txt b/misc/howtos.gnupg.org/card-howto/en/smartcard-howto.txt
index fd62399..0723ea9 100644
--- a/misc/howtos.gnupg.org/card-howto/en/smartcard-howto.txt
+++ b/misc/howtos.gnupg.org/card-howto/en/smartcard-howto.txt
@@ -189,7 +189,7 @@ Note
Card readers (NOT those used for flash memory cards) can be obtained
from computer stores (e.g.
- [47]http://www.kernelconcepts.de/products/security-en.shtml).
+ [47]https://www.floss-shop.de/en/security-privacy/).
2.2.1. A List of tested Readers
@@ -1148,12 +1148,12 @@ A.1. A small OpenPGP card FAQ
Where do I get a reader?
Currently we know that you may order card readers from
- [73]kernelconcepts. The website is only in German, but you can order
+ [73]FLOSS-Shop. The website is only in German, but you can order
the "USB Chip-Karten Lesegeraet SCM SCR-335" for 29,00 EUR from all
over Europe; either by prepayment via bank transfer or paypal. You
- have to sent your orders via email to <[74]order at kernelconcepts.de>.
+ have to sent your orders via email to <[74]order at floss-shop.de>.
If you have questions considering the order you can contact
- <[75]info at kernelconcepts.de> in English or German.
+ <[75]info at floss-shop.de> in English or German.
In the UK, SCM card readers can be purchased online from
[76]http://www.crownhill.co.uk/.
@@ -1256,7 +1256,7 @@ References
44. http://www.gnupg.org/download/index.html
45. https://www.fsfe.org/join_us/
46. http://www.fsfeurope.org/
- 47. http://www.kernelconcepts.de/products/security-en.shtml
+ 47. https://www.floss-shop.de/en/security-privacy/
48. http://www.fsfe.org/en/content/download/17665/125518/file/gnupg-ccid.rules
49. file://localhost/home/wk/w/card-howto/build/smartcard-howto-single.html
50. file://localhost/home/wk/w/card-howto/build/smartcard-howto-single.html#features
@@ -1282,9 +1282,9 @@ References
70. file://localhost/home/wk/w/card-howto/build/smartcard-howto-single.html#id2507324
71. file://localhost/home/wk/w/card-howto/build/smartcard-howto-single.html#id2508313
72. file://localhost/home/wk/w/card-howto/build/smartcard-howto-single.html#id2508338
- 73. http://www.kernelconcepts.de/products/security.shtml
- 74. mailto:order at kernelconcepts.de
- 75. mailto:info at kernelconcepts.de
+ 73. https://www.floss-shop.de/en/security-privacy/
+ 74. mailto:order at floss-shop.de
+ 75. mailto:info at floss-shop.de
76. file://localhost/home/wk/w/card-howto/build/smartcard-howto-single.html
77. http://www.py-soft.co.uk/~benjamin/download/mac-gpg/
78. http://www.gnupg.org/documentation/mailing-lists.html
-----------------------------------------------------------------------
Summary of changes:
misc/howtos.gnupg.org/card-howto/en/apa.html | 6 +++---
misc/howtos.gnupg.org/card-howto/en/ch02s02.html | 2 +-
.../card-howto/en/smartcard-howto-single.html | 8 ++++----
misc/howtos.gnupg.org/card-howto/en/smartcard-howto.txt | 16 ++++++++--------
4 files changed, 16 insertions(+), 16 deletions(-)
hooks/post-receive
--
The GnuPG website and other docs
http://git.gnupg.org
More information about the Gnupg-commits
mailing list