exclusive vs. shared smart card access

NIIBE Yutaka gniibe at fsij.org
Tue Sep 1 10:06:25 CEST 2015


On 09/01/2015 04:38 PM, Andreas Schwier wrote:
> Sharing a card is O.K while the PIN is not authenticated. Once the PIN
> is authenticated, an application should have exclusive access.
> 
> However this period should be as short as possible and an application
> must release exclusive access either explicitly by user request or time-out.

Thank you for the clarification.  I understand well.  I'll
try to improve scdaemon following this practice.

The situation of OpenPGPcard is that, (when it is configured as
not-forcing PIN authentication for every signing request,) the period
is forever currently.
-- 



More information about the Gnupg-devel mailing list