Best practice for periodic key change?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue May 10 06:41:09 CEST 2011
On 05/10/2011 12:32 AM, Jerome Baum wrote:
> Is that an implementation problem? i.e. is it possible to write an
> implementation that does distinguish, or is it technically impossible w/out
> processing the entire data on-card?
As i understand the process, i think it would be necessary to pass all
the data through the card in order to for the card to know which type of
signature it was making.
I know nothing of the details of how these cards are implemented,
though. Maybe they do this already? it seems like performance would be
problematic if you were signing something like a multi-MiB document,
given the speed of most smartcards.
Maybe one of the folks with experience implementing these devices can
give more concrete details?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110510/0731b3a8/attachment.pgp>
More information about the Gnupg-users
mailing list