[PATCH 1/1] gpg-agent: add new option --cancel-card-pinentry

Neal H. Walfield neal at walfield.org
Fri Dec 16 08:48:58 CET 2016


Hi,

On Fri, 16 Dec 2016 02:58:37 +0100,
Curt Brune wrote:
> This patch adds a new boolean global option to gpg-agent.
> 
> The goal is to suppress unneeded pinentry prompting when the inserted
> smartcard's serial number does not match the requested serial number.

The idea is good, but I don't think the implementation is appropriate
in general.  Further, I don't like the option's name.  Ideally, gpg
would iterate over all of the PK-ESK blocks, determine whether the
user could potentially decrypt them, and then rank them according to
the expected ease with which the user could do that.  One criteria
would be the one that you suggested.  That idea has been floated
around in the past and will hopefully be implemented in 2.3.

Thanks!

:) Neal



More information about the Gnupg-devel mailing list