What are some threats against which OpenPGP smartcards are useful?
Christoph Groth
christoph at grothesque.org
Tue Jan 7 23:38:34 CET 2020
Wiktor Kwapisiewicz wrote:
> There is one feature of smartcards that's hard to reproduce otherwise:
> once you pull the smartcard out of the port the attacker can't use it.
>
> (...)
Thanks, that’s a good point! So if one’s concern is signing or
authentication, this is indeed useful. However, if one’s concern is
protecting encrypted secrets that are regularly accessed (like
passwords) and can be thus stolen, there seems to be less of a gain.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200107/0a2804b4/attachment.sig>
More information about the Gnupg-users
mailing list