PGP and Smartcards?
Felix E. Klee
felix.klee at inka.de
Thu Jul 21 10:33:16 CEST 2005
I'd like to do PGP with a Smartcard that contains my main private key (I
want to go for 2048 RSA, it should last for about five years) and
subkeys (they should each last for about six months). I didn't buy a
smart card for this purpose yet, and before I go ahead, I'd like to get
some questions answered:
* Can I use GnuPG for signing and decryption with a smart card and 2048
bit RSA keys? What limitations do I have to expect, if any?
* Personally, I currently favor the Axalto Cryptoflex 32k. But is there
any card that you recommend? (I know that there's the OpenPGP card but
it only supports keys up to 1024 bits - not an option.)
* Why was OpenSC removed with development version 1.9.17 of GnuPG? From
a software developer's point of view it just doesn't make sense to
ditch an existing and supposedly well working library that provides a
standardized interface (PKCS#11) and whose license (LGPL) is compliant
with the license of the GnuPG.
* If not GnuPG, what free software alternatives are there for doing PGP
signing and decryption with a smart card?
--
Felix E. Klee
More information about the Gnupg-users
mailing list