New smart card / token alternative
seby2kt14 at gmail.com
Tue Nov 7 00:12:16 CET 2017
"Tim Steiner" <t at crp.to> wrote:
We have been working on a project to build a direct interface for PGP/GPG
usage using U2F for web apps and browser extensions. This is similar to
existing smart cards and tokens but no software install is required.
We set out to solve this problem -"Man, I really wish I could read this PGP
message, or send this message, or open this file, or sign this file, but I
don't have my laptop with me"
With this solution you can keep the key offline, carry it with you and it
works even on a computer where you can't install software -
We are interested to hear feedback on this approach from the community.
CISSP-ISSAP, C|EH, OSCP, PMP
Email: T at crp.to
CryptoTrust | crp.to
Your product provides a false sense of security. Educating users that is is
somehow safe is a terrible mistake. Telling users it is safe to plug in any
computer and encrypt decrypt stuff is a terrible idea.
How was your budget distributed? What hardware and firmware do you use what
security audit have you done?
Even if the things in second paragraph are fixed first paragraph still
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users