Talking about Cryptodevices... which one?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Jan 23 16:22:52 CET 2015


On Thu 2015-01-22 22:25:46 -0500, Faramir wrote:

>       Well, some months ago I wanted to take a look at existing
> smartcards and/or readers that hopefully support both OpenPGP and x503
> certificates, but my Google-Fo failed me, I couldn't figure out where
> to buy something that works on Windows and can be shipped to Chile.
> Any advice? I'm not planning to buy "right now", but the first step is
> to know what to buy, where to buy, and how much does it cost.

I don't know that it supports x.509 certificates explicitly right now,
but the gnuk (running on the FST-01) has free firmware and is under
active development.  gniibe (who i think is active on this list, but i'm
cc'ing here anyway) is lead on development for that project.

"Certificate support" is a bit of an odd question, because the cards
specifically deal with secret key material, which isn't any sort of
certificate at all -- the certificate is a wrapper around a public key
that happens to be associated with the secret key.

You can have a secret key that is associated with both an OpenPGP
certificate and an X.509 certificate if you like.

the FST-01 is available for a little under $40 USD, depending on the
physical form factor you want:

 http://www.seeedstudio.com/wiki/FST-01

            --dkg



More information about the Gnupg-users mailing list