Non-interactive PIN not accepted, gpg hangs
laurent at elanor.org
Wed Sep 30 16:53:47 CEST 2015
Le 2015/09/30 16:10 +0200, Peter Lebbing a écrit:
> Yes. I have no experience in highly available services, let alone GnuPG in one.
> I'm just an enthousiast. I don't know if an OpenPGP Card is suitable (yet?) for
> situations where it is critical it always works. Since I upgraded to 2.1 on my
> laptop, I sometimes encounter issues right after plugging in my USB smartcard
> reader, which I solve by replugging. It could be that it's all rock solid when
> you always have it plugged in, or it could be that it sometimes stumbles and
> requires maintenance. That situation is not critical in personal use. "Have you
> tried turning it off and on again?". In your case, it might very well be critical.
> Like with a smartcard or RFID for access control. If the door doesn't open, you
> just try again. It's not a major issue if sometimes the card doesn't work on
> first use, and in practice, they don't always work on first use. Just watch out
> you don't run into the door because you expected it to open. Been there, done
> that :).
Ah, yes, I'm well aware of that :)
There are contingencies in case of failure, of course. It's repeated,
multiple failures that are to be avoided, anything that can't be documented.
Also, just to be clear: the super-expensive bricks I mentioned, I've not
said they're in any way more reliable. They're not. Full of bugs, they
are. Eg, our current ones, the network interface has to be forced at 10
Mbps/HD when they're connected to certain models of Cisco switches.
Known issue, no fix.
> You could be right, I don't know. I think it would certainly be useful if there
> was something in between.
There's got to be a market now. The current PCI-DSS requirements just
beg for it.
More information about the Gnupg-users