Identifier of OpenPGPcard
Kristian Fiskerstrand
kristian.fiskerstrand at sumptuouscapital.com
Thu Apr 9 18:45:14 CEST 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 04/09/2015 05:38 PM, NIIBE Yutaka wrote:
> On 04/10/2015 12:17 AM, Werner Koch wrote:
>> FWIW, there is a bug report that moving a key from one smart card
>> to another does not update the stub file. We may want to check
>> for conflicting serial number is a stub file and either a) update
>> the stub file with the new serial number or b) allow to store
>> several serial numbers in one stub file. The latter would be
>> useful if several persons have a smartcard with the same key and
>> use the same box or if you create several smartcards for backup
>> purposes.
>
..
>
> In OpenPGP, a single primary RSA/DSA/ECC/whatever key can be used
> by multiple User IDs. Considering this situation, it seems for me
> that a fingerprint of primary key should be an identifier of a
> smartcard (even when all are subkeys and no primary key on a
> smartcard).
And how would you differentiate in the case you have one smartcard
with the primary key only kept securely and one smartcard for daily
use with subkeys only?
>
> In fact, Gnuk has a feature to register its serial number by a
> user. But it seems that it's only me who use this feature.
> Perhaps, it suggests that people don't have a practice to recognize
> the serial number as an identifier.
>
> Any thought?
>
- --
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
"A ship is safe in harbour, but that's not what ships are for"
(Will Shedd)
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJVJqyWAAoJEP7VAChXwav6snQH/RmMuZBVl0uWXVCKxPvJj+e/
YN/tcNdbW6tY7BZYGEmOmBoYA34PRgs/eq1X7W0ju3kAMiE7V5KEUrNQAPAwBDJ6
dtsU9Nc0p2PbLRa6xiWBxz2cWVq4B5FHNe2hAhTuPAY4a0Pmo49GKojo+MVH5qfZ
5u2WXuOVBnwOPmpTUHcoxQ5ZbOA9ck4kAKZiWw2pXIbHEMc+PCNdtagL7vcr/Y7H
kmsD8ItWw9Lgs+8eYMqi2cp10PkwPseFZP8hmrSNXoFaiunSCatLmGV2DNaiFs6k
REX/Pl06VSBokzy+r7peGp/C3kUJFHIuNaD0nq1Ohz74f3ZRUipLouYDttjNv9Y=
=bnfH
-----END PGP SIGNATURE-----
More information about the Gnupg-devel
mailing list