Testing with card, some questions

J. Ottosson j-001 at ottosson.nu
Tue Nov 16 12:45:55 CET 2010


A final small test before I awaite some wise advice..

I manually deleted the keys in the keyrings, which were obvioulusly there, that 
does not end my questions though.

Now I don't see the keys in list-keys etc when card is not active, good so far 
then :) However when I now use the card, the card contents is visable in GPA 
Card manager just fine, as with --card-status in cmd. However, now the onboard 
keys seem nonexistent to GPA itself. When trying to sign something, the card key 
is NOT visable when card is in and not showed amongst those to chose from. And 
the key does not show up in keyring listings.

I can have card manager up and remove-add the card repeatidly and it's noticed 
on the fly with no problems.

Refreshing makes no difference for GPA key manager. I have tried killing the 
service you mentioned but see no change.

Am I still missing something?



On 16 Nov 2010 at 12:29, Sven Klomp wrote:

> I foward this message to the list. It seems that reply-to of the
> mailing-list configuration is not correctly set...
> ----------  Forwarded Message  ----------
> Subject: Re: Testing with card, some questions
> Date: Tuesday 16 November 2010, 11:40:49
> From: "J. Ottosson" <j-001 at ottosson.nu>
> To: Sven Klomp <mail at klomp.eu>
> On 16 Nov 2010 at 11:15, Sven Klomp wrote:
> > This seems to be a bug of scdaemon. Kill the daemon and gpg -card-status
> > will have no information. Insert the card and the informations is
> > available... You could also try to decrypt or sign a file, while the
> > card is not inserted. It should fail...
> Also, when having card OUT, in GPA GUI card-key is present, with also the
> icon indicating it is indeed a cmartcard key and when doing the backup the
> resulting file indeed have both public and private keys in it.. 
> It feels like GPG has the keys in ordinary key files, but indicates
> nonetheless that the keys originates from the card, hence the icon, and is
> either way able to make the complete backup.
> There is a slight risk of confusion here. There is the risk that I, the
> user, feels comfortable that the key is in (and only in) the card when
> that icons shows in the GUI.
> I don't understand how that could be unless I somehow accidently and
> without realizing it imported the newly generated - and backed up - keys
> when looking at the backup file just after the smartcard keys were
> generated. And even so, perhaps somehow the user should be warned that key
> is not 'only' on the card, somehow.
> Perhaps I should kill the keys and test again, without making backups this
> time.. Any other notes on the subject welcome.
> /J
> > 
> > Regards
> > Sven
> -----------------------------------------
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

More information about the Gnupg-users mailing list