What are some threats against which OpenPGP smartcards are useful?

Franck Routier (perso) alci at mecadu.org
Wed Jan 8 18:50:39 CET 2020


I think this can be configured:

ykman openpgp touch enc on
ykman openpgp touch sig on

Franck

Le 8 janvier 2020 18:35:20 GMT+01:00, Andrew Gallagher <andrewg at andrewg.com> a écrit :
>On 2020/01/08 17:29, Franck Routier (perso) wrote:
>> Notice that some features, like the metal contact toggle on some
>yubikey
>> can mitigate the problem of having an attacker with full local
>access.
>> You then have to touch the key each time you want to use it, so
>> illegitimate access would be noticed.
>
>On my yubikey at least, the touch contact is only used for the FIDO 2FA
>- the PGP smartcard feature is secured by PIN as per any other
>smartcard.
>
>-- 
>Andrew Gallagher

-- Envoyé de /e/ Mail.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200108/a5b196af/attachment.html>


More information about the Gnupg-users mailing list