exclusive vs. shared smart card access

Simon Josefsson simon at josefsson.org
Tue Sep 1 11:58:04 CEST 2015


NIIBE Yutaka <gniibe at fsij.org> writes:

> On 09/01/2015 04:23 PM, Simon Josefsson wrote:
>> There is U2F too which is supported by Chrome (works in Debian Stable).
>
> I didn't know that.  Is it implemented parallel to OpenPGPcard as a
> feature in a single smartcard?  How does it work with Yubikey?
>
> If it's implemented by another interface of USB device, it's simpler,
> it can co-exist.

I forgot to mention some details -- U2F is not CCID but a different
USB-based protocol.  Locking CCID will not prevent U2F from working, I
believe.

> Or, I think that it is somehow easily possible to write an application
> of U2F which communicates gpg-agent, so that a user can use an
> authentication subkey for U2F.  For me, this sounds the way to go.
> How do you think this direction?

I can imagine other applications wanting U2F functionality eventually,
but I don't have a good use-case in mind right now.

/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 472 bytes
Desc: not available
URL: </pipermail/attachments/20150901/454e6494/attachment.sig>


More information about the Gnupg-devel mailing list