Feature request: treat missing smartcard reader as missing smartcard

Peter Lebbing peter at digitalbrains.com
Tue Jan 17 12:23:09 CET 2017


Hi devs,

I think scdaemon would behave more predictably and more *correctly* if it
treated a missing or changed card reader as a missing or changed card.

For instance, if I open an encrypted mail in Thunderbird/Enigmail, I see
the following:

- Card reader is plugged in but no card or different card present in reader:

I am prompted to insert the correct OpenPGP card. Once I do this and
okay the prompt, decryption is successful.

- Card reader not plugged in:

Empty message window with Enigmail error on the lines of "Decryption
failed. No secret key available."


These days, it is quite common to see readers with either integrated
smartcards or smartcards that can't be changed or removed easily. I
think these devices should be treated as the smartcard currently is.
I.e., if the reader is not plugged in, prompt the user to insert their
smartcard just like scdaemon would if the reader were present but empty.

I think this is also the reason why in this[1] mail to gnupg-users,
Anton is not able to do the same procedure as I could. I used a desktop
smartcard reader and two regular OpenPGP cards. Anton used one regular
OpenPGP card and one Yubikey. Where I was prompted to change cards, his
attempt likely failed because he had to swap *readers* as well as cards.

Peter.

[1] <https://lists.gnupg.org/pipermail/gnupg-users/2017-January/057445.html>

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>


