OpenPGP Card

Alon Bar-Lev alon.barlev at gmail.com
Fri Sep 2 15:13:45 CEST 2005


Benjamin Donnachie wrote:

>Alon Bar-Lev <alon.barlev at gmail.com> wrote: 
>  
>
>>I think that gpg should support PKCS#11 interface for smartcards, so 
>>that it can be used with all smartcards that support this standard.
>>    
>>
>
>I've had a quick look at the PKCS#11 and I think that you may have a point!
>  
>
>>I don't understand why gpg developers choose to implement their own 
>>smartcard standard... 
>>    
>>
>
>Nor me - the OpenPGP card seems to be anything but open to me!
>  
>
Finally someone who understand... I had no such luck with Werner Koch, who
argues that OpenPGP card is standard...
I've promised him to not bother any more with this issue...

>>The most reasonable claim I've got was the licensing issue... But nobody
>>succeeded in proving that there is a licensing problem.
>>    
>>
>
>I think MUSCLE (Movement for the Use of SmartCards in a Linux Environment
>http://www.linuxnet.com) uses PKCS - I could be wrong though, I need to read
>through it in more detail.
>  
>
Yes... I don't think there is a problem with licensing... All problems 
are in result of
an approach that each application may define how its smartcard should be 
built.
This approach like any other proprietary approach will disappear along 
with its software,
as it was with other software that did not support generic devices like 
printers, modems etc...

>>You can look for messages with "PKCS#11 support for gpg-agent" subject 
>>for future information at gnupg-users.
>>    
>>
>
>
>I saw that...  Perhaps we should "fork" GPG and work on a PKCS#11 compliant
>version...  I'm fairly new to smartcards, but I have a fair bit of other
>programming experience... 
>I don't think it would be too difficult to implement with the libraries that
>are available once I get hold of a suitable card...
>  
>
I don't think it is wise... There are some suitable cards that provide 
PKCS#11 in Linux,
forcing your card to use gpg will not allow you to use it with your 
browser or with your
standard mail client.

Just a thought... why do you use gpg? which feature you require?
Maybe there are some alternatives without using proprietary hardware.

Best Regards,
Alon Bar-Lev.




More information about the Gnupg-devel mailing list