poldi: [PATCH] Add option 'killscd'.

NIIBE Yutaka gniibe at fsij.org
Tue Mar 3 03:12:16 CET 2020


Benjamin Kibbey <bjk at luxsci.net> wrote:
> On March 2, 2020 4:55:06 AM UTC, NIIBE Yutaka <gniibe at fsij.org> wrote:
>
>>I think that the card should reset (to nullify existing verification
>>status) _before_ poldi tries to use it for the authentication.  And
>>after unlocking a screen, it is OK (or good) to keep card's verification
>>status; A user can use the card for SSH with no further verification.
>
> I think this makes more sense. Unfortunately no time for me to patch
> poldi myself.

OK.  I will try to improve Poldi this month.  My plan is doing
two things.

(1) As you pointed out (and we agree): a change of Poldi

Always require user's PIN input.

(2) Adding a command to scdaemon so that an application can be notified
    for card removal.

Currently, we have "scd-event" feature, but it is not well-designed.
I'm thinking about adding WATCH command which informs status change.


I'll report about changes here.
-- 



More information about the Gnupg-devel mailing list