Keeping (some information of) gpg --card-status private

Georg Faerber georg at
Fri Jul 27 19:12:42 CEST 2018

Hi Achim, all,

On 18-07-27 13:02:42, Achim Pietig wrote:
> most information like key-IDs, fingerprints etc. are set to READ
> ALWAYS in the card specification - this information is also available
> in GnuPG (e. g. --list-keys) without any protection.


Regarding your second point: Yeah, but, for example, imagine a pc using
LUKS-encrypted storage: In case the device is turned off, these
information are not revealed.

> Werner and me defined these policies 15 years ago and no one had any
> probs with it up to now ;)

I see, thanks, even if this is a bit unfortunate.

> All implementions that are in compliance with the card specification
> have the same behaviour. Any change will result in changes for GnuPG
> and other software that works with the card too.

Any other people out there with an opinion regarding this? Any interest
in changing the spec (to begin with)?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Digital signature
URL: <>

More information about the Gnupg-devel mailing list