OpenPGP Card

Alon Bar-Lev alon.barlev at
Mon Sep 5 22:14:41 CEST 2005

Zeljko Vrba wrote:  
> Alon Bar-Lev wrote:
>> I agree... So if we all understand the need of PKCS#11 in order to 
>> access cryptographic tokens, what I don't understand is how come 
>> people choose to develop low-level applications in order to work with
specific devices?
> Neither do I understand that. Werner didn't give a single plausible
argument except possibly of license incompatibility. But in my
> just incorporating PKCS#11 support into GnuPG would NOT cause license
incompatibility. It would happen at run-time if the user chooses to 
> load GPL-incompatible binary PKCS#11 driver (which most of them are).

Right... This argument was given to me also...
But I could not find any justification for it...
Let's say you use GPLed licensed program on windows... It loads
kernel32.dll, right?
Since your GPLed program does not contain any other licensed code it is
still GPLed...
The same goes with GPLed licensed program that loads PKCS#11 module...

I think it is the same as gpg works with vendor's X card... The card runs an
operating system that is not GPLed... And yet... gpg is GPL...

Moreover, I've found that opensc and PAM PKCS11 are LGPL and that
openCryptoki ( is GPL.

So... I think licensing should not be an issue...

Best Regards,
Alon Bar-Lev.

More information about the Gnupg-devel mailing list