restoring SmartCard key with off-card copy

Robert J. Hansen rjh at sixdemonbag.org
Wed Oct 5 13:17:42 CEST 2011


On 10/5/2011 5:31 AM, Laurent Jumet wrote:
> In my opinion, a key-to-card key should *never* have an existent
> backup.

"Never" is one of those words that's best used sparingly.

> Purpose of cards is "one man"/"one card", as the card is
> supposed to identify the man for all purposes.

This is one particular purpose of cards.  It is not the sole purpose.

In my daily work I walk from one lab to another to another.  Some of
these labs have trusted hardware on trusted networks.  Others have
untrusted hardware connected to untrusted networks.  On the trusted
networks I want my certificate there on disk, because it's more
convenient to do that than to keep reaching for my wallet every time I
need to sign something.  On the untrusted network I want my certificate
on a card, because I don't want the secret part of my certificate to
ever touch that hardware.

There are many other use cases similar to this in which it makes good
sense to have certificates on hard drives as well as certificates on
cards.  I'm sure that if you think about it for a while you'll come up
with several other reasonable scenarios.
