Finally: Login via SSH authentication with OpenPGP smart card & 100% Free Software PCMCIA reader

Werner Koch wk at gnupg.org
Mon Feb 13 14:38:48 CET 2006


On Mon, 13 Feb 2006 13:04:24 +0200, Alon Bar-Lev said:

> Are you aware of the PKCS#11 for OpenSSH solution
> (http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=113977188917865&w=2)?

Well, I know.  However you know my point of view: pkcs#11 is a
"standard" too complex to implement correctly and even with a lot of
important things left out.  It is only required (and that complex) to
let one proprietary software speak to another proprietary one. 

Things can be much easier with FS.  Why support proprietary stuff?

> I just hope that someday OpenPGP card will also have PKCS#11
> provider, so it can be used by other applications, and the

Please write one; gpg-agent provides all you need to do that.  It may
actually be useful for use with Mozilla..

> other way around... gpg will use PKCS#11 providers in order
> to support many card types.

No, we won't do that.


Shalom-Salam,

   Werner




More information about the Gnupg-users mailing list