Keeping (some information of) gpg --card-status private

Achim Pietig achim at
Fri Jul 27 13:02:42 CEST 2018

Hi Georg,

most information like key-IDs, fingerprints etc. are set to READ ALWAYS in the card specification - this information is also available in GnuPG (e. g. --list-keys) without any protection.
Werner and me defined these policies 15 years ago and no one had any probs with it up to now ;)
All implementions that are in compliance with the card specification have the same behaviour. Any change will result in changes for GnuPG and other software that works with the card too.


Am 27.07.2018 um 09:23 schrieb Georg Faerber:
> Hi all,
> I querying a Nitrokey Pro via gpg --card-status, without any PIN needed,
> the card reveals quite some information, for example the ids of the keys
> stored on the card.
> Is there any way around this, for example to make these information
> available only after a valid PIN was entered? In case it's not, are
> there any cards out there with which this is possible?
> Looking forward to any input.
> Thanks for your work,
> cheers,
> Georg
> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at

More information about the Gnupg-devel mailing list