Storing key on multiple smartcards
wk at gnupg.org
Wed May 8 08:26:04 CEST 2019
On Tue, 7 May 2019 10:21, gniibe at fsij.org said:
> # TYPE is describes the type of the key:
> # 'D' - Regular key stored on disk,
> # 'T' - Key is stored on a smartcard (token),
> # 'X' - Unknown type,
> # '-' - Key is missing.
> # SERIALNO is an ASCII string with the serial number of the
> # smartcard. If the serial number is not known a single
> # dash '-' is used instead.
> # IDSTR is the IDSTR used to distinguish keys on a smartcard. If it
> # is not known a dash is used instead.
> # CACHED is 1 if the passphrase for the key was found in the key cache.
> # If not, a '-' is used instead.
> # PROTECTION describes the key protection type:
> # 'P' - The key is protected with a passphrase,
> # 'C' - The key is not protected,
> # '-' - Unknown protection.
> # FPR returns the formatted ssh-style fingerprint of the key. It is only
> # printed if the option --ssh-fpr has been used. If ALGO is not given
> # to that option the default ssh fingerprint algo is used. Without the
> # option a '-' is printed.
> # TTL is the TTL in seconds for that key or '-' if n/a.
> # FLAGS is a word consisting of one-letter flags:
> # 'D' - The key has been disabled,
> # 'S' - The key is listed in sshcontrol (requires --with-ssh),
> # 'c' - Use of the key needs to be confirmed,
> # '-' - No flags given.
> # More information may be added in the future.
> I'm going to modify this, to distinguish a key on card which is
> inserted, and a key on card which is not inserted. This can be either:
> (1) For key on inserted card, add another flag into FLAGS (say, 'A' for
I think that is the proper solution.
> (2) Introduce new TYPE (say, 'O' for offline) and change the semantics
> of 'T' meaning inserted card.
Alsthough I don't think we will run into problems with that it is not as
clear as using an extra flag.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 227 bytes
Desc: not available
More information about the Gnupg-devel