OpenPGG Card

[Joe Smith]

There is no need to post a message to the list three times.

>Is it possible to obtain further details on the OpenPGP card?
>
>I have such a card and a working smartcard reader but, ideally, I'd like to
>obtain copies of the sourcecode and program my own cards.  However, it's
>extremely difficult to track down any specific information!

You can get aditional information, but unfortunately the information 
available is not to particularly satisfying.

That said these are the details I know:
The openPGP cards are manufactured by PPC Card Systems using a chip created 
by Atmel, running BasicCard OS, and code written presumably by Werner Koch. 
The cards are non-reprogrammable, they are set to state 'RUN'.

The last I asked there were no other manufactures of OpenPGP Card complient 
smartcards.

-----

Ideally one should be able to just buy a smart card with rsa support, 
download OpenPGP card source, and compile it. Then flash it and any other 
things you wish to have on the card. However it sadly does not work that 
way.

Source code is not available. Here is a quote from an email Werner sent me:
>> Is the source for the program on the card available?
>
>No, this is not possible because the chip vendors supply chips only to
>large card vendors due to fear of litigation through Pay TV channels.
>They had pretty bad experience with that in recent years.  Same goes
>with the firmare supplied with the chip which is the base of the
>(actual very small) application we did.  Atmel will even stop the
>production of the chip we are currently using due to force by Pay TV
>lawyers (the same chip is used in many Pay TV scrambling systems; and
>they all use security by litigation).  Its all a very sad and
>ridiculous situation.

If you can somehow manage to get ahold of a BasicCard OS-based smartcard 
that has support for RSA, it would not be too difficult to program it. Most 
of the crypto stuff is handled by the chip, so the code needed to be written 
is mainly interface code.