OpenPGP und GnuPG 2.0.12

Morten Gulbrandsen classpath at arcor.de
Tue Aug 4 00:46:09 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alexander Bertram wrote:
> Liebe Mitglieder,
> 
> ich habe mit GnuPG ein asymmetrisches Schlüsselpaar auf meiner Smartcard
> generiert. *Der private und öffentliche Schlüssel wurde direkt auf der
> Karte erzeugt.*
> 

Such a smart card , Like this ?

http://en.wikipedia.org/wiki/Smart_card


Please which card reader did you use,  there are many types of them.


as an example:

http://www.deutsche-bank.de/pbc/ser-onlinebanking-signtrustcard.html


technisch aktuellen


Chipkartenleser (Reiner SCT, Secoder)
und die neueste Version der Signatursoftware Intarsys „SignLive! CC“


Herzlich willkommen bei REINER SCT,
dem Spezialisten für Chipkartenlesegeräte!

http://www.reiner-sct.com/

Popular in germany but you do know that HBCI is  obsolete?


FinTS (Financial Transaction Services),

http://en.wikipedia.org/wiki/FinTS

Is the latest in greatest of all new protocols.





===

Buth card reader and software for reading frm and writing to the card is
important.


http://en.wikipedia.org/wiki/Card_reader#Smart_card_readers

With the latest PC/SC CCID specifications the PC/SC Workgroup
(www.pcscworkgroup.com) has defined a new way of smart card framework.
It works with USB devices with the specific device class 0x0B. Readers
with this class do not need device drivers because the operating system
manufacturer supplies it by default.


It would be nice if you may re post your question in English.

GnuPG may also work with the .gnupg/  directory from a usb memory stick.

There is also an openPGP card,


http://en.wikipedia.org/wiki/OpenPGP_card


and an OpenPGP smartcard specification

http://g10code.com/


I only use GnuPG and no cardreader, no smartcard. And I never copy
sensitive data on any usb device. It is simply fraught with peril.

What do you do if someone copies the private key from any usb stick or
smart card? You may easily "Loose" it and by pure accident "someone"
simply "Finds" it where you have "Lost" it ?


I'm curious how this is supposed to work and if it will ever work the
way marketing wants us to swallow SIM cards, RFIDs and whatever new cool
and fancy stuff industry and government may design together:

Chips in official IDs raise privacy fears

http://www.google.com/hostednews/ap/article/ALeqM5hHq9P54bYfXbHp-aDgs01gePq1twD99CDMT00


GnuPG is about pretty Good Privacy,


Sincerely yours,


Morten Gulbrandsen

主バイトホイットフィールド
_____________________________________________________________________
Java programmer, C++ programmer
CAcert Assurer, GSWoT introducer, thawte Notary
Gossamer Spider Web of Trust http://www.gswot.org
Please consider the environment before printing this e-mail!



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (SunOS)
Comment: For keyID and its URL see the OpenPGP message header

iEYEARECAAYFAkp3aLEACgkQ9ymv2YGAKVSelACgzjr0o49ge56Ey+mKxstp0alF
YzsAoPPrLjmYwqp+ZGH3k/23Ht+ET6Ia
=Ffvo
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list