More secure than smartcard or cryptostick against remote attacks?

Peter Lebbing peter at digitalbrains.com
Fri Feb 8 10:48:25 CET 2013


On 08/02/13 03:12, Josef Schneider wrote:
> With GnuPG on the other hand someone who has access to my PC can sign
> whatever he likes and sign as much as he likes, as long as my card
> reader is attached

Just so you know, the OpenPGP card has a "forcesig", force signature PIN, flag
which you can set so you have to enter the PIN for every individual signature.
Unfortunately (IMHO), there's no such flag for decryption and authentication,
which can be done multiple times with one PIN entry.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list