OpenPGP Card

Zeljko Vrba zvrba at globalnet.hr
Wed Sep 7 15:30:39 CEST 2005


David Picon Alvarez wrote:
>>There is not point in writing a low level code in each application to
>>support each card it is NxN situation, not wise.
>
>
> The truth is that if cards were more ISO compliant this situation would not
> be a big deal.
>
Even if this were to happen, ISO still doesn't say anything about
"big-iron" crypto HW (as Peter Guttmann called it). To use such HW
hardware, you have only 4 options (as Peter already did once point them
out):

1. PKCS#11
2. MS CAPI
3. vendor's proprietary API
4. do not support the HW at all

Pick your poison :)

Werner has chosen 4. for GnuPG, contrary to wishes of GnuPG users.

PKCS#11 and MS CAPI are the only wide-spread APIs that solve the problem
of _generic interfacing_ to crypto HW.

Oh, I'm tired already of this. I'm waiting fot the FSF's verdict on the
matter.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20050907/cef8040f/signature.pgp


More information about the Gnupg-users mailing list