poldi: [PATCH] Add option 'killscd'.
NIIBE Yutaka
gniibe at fsij.org
Tue Mar 3 03:12:16 CET 2020
Benjamin Kibbey <bjk at luxsci.net> wrote:
> On March 2, 2020 4:55:06 AM UTC, NIIBE Yutaka <gniibe at fsij.org> wrote:
>
>>I think that the card should reset (to nullify existing verification
>>status) _before_ poldi tries to use it for the authentication. And
>>after unlocking a screen, it is OK (or good) to keep card's verification
>>status; A user can use the card for SSH with no further verification.
>
> I think this makes more sense. Unfortunately no time for me to patch
> poldi myself.
OK. I will try to improve Poldi this month. My plan is doing
two things.
(1) As you pointed out (and we agree): a change of Poldi
Always require user's PIN input.
(2) Adding a command to scdaemon so that an application can be notified
for card removal.
Currently, we have "scd-event" feature, but it is not well-designed.
I'm thinking about adding WATCH command which informs status change.
I'll report about changes here.
--
More information about the Gnupg-devel
mailing list