OpenPGP card and BasicCard
Werner Koch
wk at gnupg.org
Thu Apr 14 20:01:55 CEST 2005
On Thu, 14 Apr 2005 08:20:13 +0200, Christian Rank said:
> So the OpenPGP cards are ZeitControls's BasicCards with RSA encryption
> and the OpenPGP application loaded and put in state 'RUN' (no further
> programming of the card possible)?
Exactly.
> What I'm missing from the OpenPGP card is the ability to load a PCKS#15
> structure on the card. This would make it possible to use this card not
No way. There is a reason why we did this simple design. pkcs#15 is
a compex thing with a lot of incompatibilities between
implementations.
> only for signing and encryption, but also for WWW authentication with
> client certificates. Is something like that planned in the future?
There is a vague plan of writing a pkcs#11 library using the card as
actual crypto token. Most likely this library will speak to scdaemon
via gpg-agent and thus support a variety of cards - including native
pkcs#15 cards.
AFAIK, there is pkcs#15 emulation code in OpenSC for our card. Not
sure whether it is still functional; Olaf Kirch once wrote it and told
me that he succeeded in using the card.
Salam-Shalom,
Werner
More information about the Gnupg-users
mailing list