ROCA detection in GnuPG
wk at gnupg.org
Tue Oct 17 09:01:53 CEST 2017
Over at gnupg-verein, Phil asked whether it would make sense to have an
auto-detection of ROCA affected keys in GnuPG.
Only a few gpg generated keys seem to be affected. Probably those
created on certain smartcards: Yubikey seems to be affected but the
commonly used Zeitcontrol card should be fine because, afaik, that card
uses an NXP and not an Infinion chip.
I wondered on how to best implement this in GnuPG: We have no central
place to test _public_ keys and thus a check needs to be implemented in
gpgsm, and gpg. I expect that OpenSSH will provide a tool to check ssh
public keys, thus there is no need for us to do that in gpg-agent.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 357 bytes
Desc: not available
More information about the Gnupg-devel