OpenPGP Card ECC status?

Simon Josefsson simon at
Tue Sep 9 08:41:22 CEST 2014

Werner Koch <wk at> writes:

> On Wed,  3 Sep 2014 23:23, simon at said:
>> Thanks for the update on the OpenPGP Card spec!  That all sounds good.
>> I'm hoping Werner can comment on what's left to do in GnuPG.
> I would really like to see Ed25519 and Curve25519 DH support in a card.

So do I..  I'm hoping this won't be too far away, but I think there is
value in getting experience with the existing ECC standards with GnuPG
and with smartcards, since that appears to be lower-hanging-fruit.

> For the old curves the card should behave similar to gpg-agent; thus
> being protocol neutral and it is not required that the rfc-6637 ECDH
> algorithm is implemented by the card.


>> Achim Pietig <achim at> writes:
>>> sign and auth is clear at the moment - all new standards only support
>>> Brainpool, NIST was stripped of from all papers after the NSA problem
> If the NIST curves are found to be bugged we should also be cautious
> with the Brainpool curves.

Yeah, to me they fall into the same class.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 472 bytes
Desc: not available
URL: </pipermail/attachments/20140909/199a5513/attachment.sig>

More information about the Gnupg-devel mailing list