OpenPGP 2.0 and Hushmail keys
David Shaw
dshaw at jabberwocky.com
Thu Sep 10 18:17:35 CEST 2009
On Sep 10, 2009, at 3:36 AM, Sean Wilson wrote:
> Does anyone know if the new OpenPGP 2.0 card supports Hushmail keys?
>> From what I understand Hushmail is based on OpenPGP so it should
>> work.
> The key I have from my Hushmail account is 2048bit in length but
> once I
> copy the key onto the OpenPGP 2.0 card I can't decrypt Hushmail email
> anymore, any idea why?
It should work fine. It sounds like a different sort of problem.
> Also, if I generate a brand new key pair ON the OpenPGP 2.0 card, will
> anyone be able to export or copy the private key (if the OpenPGP
> card is
> NOT inserted in the reader)? Does GPG write a copy of the keys
> anywhere
> else besides on the card?
No, but there is a stub secret key that lives in the usual secret
keyring. This isn't a true secret key (it does not contain the actual
key data), but is the OpenPGP information (user IDs and other things),
along with a pointer that says "the key is on smartcard XYZ".
So if they can get ahold of your computer, someone could steal this
stub, but there is nothing secret about it, and it won't do them any
good.
David
More information about the Gnupg-users
mailing list