Slightly OT - mobile OpenPGP usage

Wiktor Kwapisiewicz wiktor at
Tue Aug 27 18:55:13 CEST 2019

Hi Chris,

On 27.08.2019 17:52, Chris Narkiewicz via Gnupg-users wrote:
> On 26/08/2019 19:47, Wiktor Kwapisiewicz via Gnupg-users wrote:
>> If one sets URL field on the
>> token then just plugging the token when OpenKeychain is opened is enough
>> to get the key ready-to-use.
> Can you explain what kind of workflow do you mean here?

I mean you start OpenKeychain, touch the NFC token and get the import 
key screen (see attachment). This is very straightforward, no need to 
mess with passwords and secret key files.

OpenPGP software requires public keys but tokens don't store them so own 
public keys need to be transmitted somehow. Fortunately OpenPGP Card 
spec has a "URL of public key" field.

You can see/set the value this way:

$ gpg --card-edit

Reader ...........: ...
Application ID ...: ...
Version ..........: 2.1
Manufacturer .....: Yubico
URL of public key :
Login data .......: wiktor

This is in turn used by OpenKeychain (but also by gpg --card-edit and 
"fetch" subcommand) to download public parts.

Kind regards,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: okc-import-token.jpg
Type: image/jpeg
Size: 28307 bytes
Desc: not available
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list