How do I make the private key on a OpenPGP smartcard non exportable ?

Werner Koch wk at gnupg.org
Tue Jun 25 09:55:45 CEST 2013


On Tue, 25 Jun 2013 06:24, ndk.clanbo at gmail.com said:

> First: I trust more the RNG on a card than a SW one

A card based RNG is often nothing more than a PRNG with a card specific
seed.  Modern cards seem to have a real hardware RNG.  Compared to
actual hardware RNGs they are very limited and probaly prone to errors.
there is also no way to do extensive power up tests which all other
hardware RNGs require.

I consider a good OS supported RNG more reliable.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-users mailing list