openpgp -> pkcs #11

Werner Koch wk at
Mon Jan 6 12:40:21 CET 2014

On Sun,  5 Jan 2014 16:20, nmav at said:

> If you are referring to the openpgp card opensc driver, it is really far

I mean - there is a Debian package for it:

 OpenPGP smartcard plugin for Mozilla Network Security Services Scute is
 a PKCS #11 implementation for the GnuPG Agent using the GnuPG Smart
 Card Daemon which enables you to use your OpenPGP smart card for client
 authentication with SSL in Mozilla.

> Indeed it is, but it is not much more than other security-related
> standards (see X.509 and PKIX). Nevertheless, a card or a module needs

No, it is very different from that.  PKIX is a protocol description and
not an API description.

> mainly by free software (NSS is fully using PKCS #11, gnutls uses it for

Because NSS used to be a proprietary way longer than Mozilla.

> such as the openpgp card to integrate seamlessly in all that software.

Use Scute and add the missing parts (encryption) ;-)



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list