More secure than smartcard or cryptostick against remote attacks?
peter at digitalbrains.com
Fri Feb 8 10:48:25 CET 2013
On 08/02/13 03:12, Josef Schneider wrote:
> With GnuPG on the other hand someone who has access to my PC can sign
> whatever he likes and sign as much as he likes, as long as my card
> reader is attached
Just so you know, the OpenPGP card has a "forcesig", force signature PIN, flag
which you can set so you have to enter the PIN for every individual signature.
Unfortunately (IMHO), there's no such flag for decryption and authentication,
which can be done multiple times with one PIN entry.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users