OpenPGPCar on JavaCard key import and large keys
Werner Koch
wk at gnupg.org
Mon Aug 27 10:24:15 CEST 2007
On Sun, 26 Aug 2007 20:09, ged at solace.miun.se said:
> I have tried to describe some none standard additions as well as use of
> the ENVELOPE command in a document included below. All of which I already
> have implemented (however not tested yet) in my Java Card implementation
> of the spec. Comments and suggestions are welcome.
I'll forward to Achim Pietig who maintains the specs. We are already
collecting new features for a new revision.
> Any chance of actually geting support for it implemented in GnuPG?
Sure. It just a matter of time. I'd like to do this myself but I doubt
that I get to it in th next few months. Other contributions are
welcome, but remember that we need to do some legal paper exchange with
the FSF.
> Are there any need, interest and/or use for further extensions to the
> card? Maybe the possibility for OpenPGP certificate for the public key to
> be stored on card? Expand the card edge to make it have enough
Hmmh, mine is 81k - quite some stuff for a smartcard. The size of the
OpenPGP keyrings was the thereason that went for the fingerprint
approach. And weel, in almost all cases you need a net connection and
thus you can get trghe certificate/keblock online.
> functionality to be able to be used together with PKCS #11 (possible
> making a PKCS #15 compatible structure)?
Hey, it is already usable for with pkcs#11 (www.scute.org and Alon's
alternative scdaemon).
A design goal is to keep the specs from getting too complex - thus
pkcs#15 is nothing we should go for.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-users
mailing list