Keeping (some information of) gpg --card-status private

Achim Pietig achim at pietig.com
Fri Jul 27 13:02:42 CEST 2018


Hi Georg,

most information like key-IDs, fingerprints etc. are set to READ ALWAYS in the card specification - this information is also available in GnuPG (e.g. --list-keys) without any protection.
Werner and I defined these policies 15 years ago and no one had any probs with it up to now ;)
All implementations that are in compliance with the card specification have the same behaviour. Any change will result in changes for GnuPG and other software that works with the card too.

Regards
Achim

On 27.07.2018 at 09:23, Georg Faerber wrote:
> Hi all,
> 
> When querying a Nitrokey Pro via gpg --card-status, without any PIN needed,
> the card reveals quite some information, for example the ids of the keys
> stored on the card.
> 
> Is there any way around this, for example to make this information
> available only after a valid PIN was entered? In case it's not, are
> there any cards out there with which this is possible?
> 
> Looking forward to any input.
> 
> Thanks for your work,
> cheers,
> Georg