OpenPGP card, gpgsm, decrypt

Werner Koch wk at gnupg.org
Tue Sep 24 09:02:12 CEST 2013


On Tue, 24 Sep 2013 08:03, joergd at bitquell.de said:

> This is because the encryption key cannot sign the CSR.

You are right.  Sorry, there is no standard solution for this.  It
depends on how a CA handles encryption keys.  Set up your own CA and you
do not need a CSR.

With the card there is no way to sign using the encryption key - padding
is handled inside the card and thus it can't be used to create a
signature.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-users mailing list