Slightly OT - mobile OpenPGP usage
Wiktor Kwapisiewicz
wiktor at metacode.biz
Tue Aug 27 18:55:13 CEST 2019
Hi Chris,
On 27.08.2019 17:52, Chris Narkiewicz via Gnupg-users wrote:
> On 26/08/2019 19:47, Wiktor Kwapisiewicz via Gnupg-users wrote:
>> If one sets URL field on the
>> token then just plugging the token when OpenKeychain is opened is enough
>> to get the key ready-to-use.
>
> Can you explain what kind of workflow do you mean here?
I mean you start OpenKeychain, touch the NFC token and get the import
key screen (see attachment). This is very straightforward, no need to
mess with passwords and secret key files.
OpenPGP software requires public keys but tokens don't store them so own
public keys need to be transmitted somehow. Fortunately OpenPGP Card
spec has a "URL of public key" field.
You can see/set the value this way:
$ gpg --card-edit
Reader ...........: ...
Application ID ...: ...
Version ..........: 2.1
Manufacturer .....: Yubico
...
URL of public key : https://metacode.biz/@wiktor/openpgp/key
Login data .......: wiktor
This is in turn used by OpenKeychain (but also by gpg --card-edit and
"fetch" subcommand) to download public parts.
Kind regards,
Wiktor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: okc-import-token.jpg
Type: image/jpeg
Size: 28307 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190827/9df66fab/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190827/9df66fab/attachment-0001.sig>
More information about the Gnupg-users
mailing list