Keeping (some information of) gpg --card-status private
Georg Faerber
georg at riseup.net
Fri Jul 27 19:12:42 CEST 2018
Hi Achim, all,
On 18-07-27 13:02:42, Achim Pietig wrote:
> most information like key-IDs, fingerprints etc. are set to READ
> ALWAYS in the card specification - this information is also available
> in GnuPG (e. g. --list-keys) without any protection.
Alright.
Regarding your second point: Yeah, but, for example, imagine a pc using
LUKS-encrypted storage: In case the device is turned off, these
information are not revealed.
> Werner and me defined these policies 15 years ago and no one had any
> probs with it up to now ;)
I see, thanks, even if this is a bit unfortunate.
> All implementions that are in compliance with the card specification
> have the same behaviour. Any change will result in changes for GnuPG
> and other software that works with the card too.
Any other people out there with an opinion regarding this? Any interest
in changing the spec (to begin with)?
Cheers,
Georg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180727/ea7123bd/attachment.sig>
More information about the Gnupg-devel
mailing list