about the OpenPGP Card
Werner Koch
wk at gnupg.org
Fri Jul 18 14:21:09 CEST 2008
On Fri, 18 Jul 2008 12:18, p.tucci at gmail.com said:
> Scute is a pkcs11 driver, it means that prior to make your card work
> you need to have downloaded the libary, configured mozilla (and it
> seems no way for IE) and have a working gpg-agent.
Mozilla uses pkcs#11 as its crypto API thus you need such a driver.
Should also work with other browsers but not tested. Windows port is
under way.
> My driver, on the other side, does not need anything, just a java
> insatllation... so if you are on another pc that has a smartcard
And you need to allow Java in your browser. Some folks hesitate to
enable this.
> you can still have many chances to use your OpenPGP card (see my
> openpgp openid project http://dev.primianotucci.com/openid/)
Interesting.
> I haven't looked at 2.0 specifications (i'm waiting for the final
> one)... I don't think there are actually OpenPGP cards that implements
> such specifications (correct me if wrong)
In a couple of months. Actually the new spec has some feature to better
support Java cards.
> The driver is based on the 1.1 specs.... i'll update it as soon as the
> final 2.0 specs will be ready.
This is a release candidate - there are just a few typos left and
possible we need to extend the size of some fields. I already started
to implemented that in GnuPG.
> Honestly I think the fact that enetering 3 wrong CHV3 destroyes the
> card is a simple ashame... the "reset to blank" command should be a
> must! (hopes for the 2.0 card :))
Included in the new spec due to great public demand. How I just need
top add a command to gpg to allow resetting the card.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-devel
mailing list