PKCS#11 in GnuPG (yes, again!)

Werner Koch wk at
Mon Jul 18 10:21:24 CEST 2011

On Fri, 15 Jul 2011 21:35, veryconcerneduser at said:

> As many of you are well-aware, PKCS#11 is the de-facto standard for working
> with cryptographic keys.  Some zealots would try to have you believe that

PKCS#11 is simply one of many standards.  FWIW, even a major desktop OS
does not use it anymore.

> If the OpenPGP card (a glorious, wonderful piece of kit) is ever going to
> make it out of almost-complete obscurity, PKCS#11 must be implemented in
> GnuPG-stable.  If we want to push free software in the modern computing

Please get the facts: There is PKCS#11 support for GnuPG.  See .

The reason why GnuPG does not support smartcards which are only
accessible due to proprietary pkcs#11 middleware should be well known:
The GPL does not allow for this and even more relevant: We don't want to
support proprietary applications.  Ask the vendors of those smartcards
to release the specs and write a new module for scdaemon; if required.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list