gnupg 'signing server'? Looking for advice on key management/security

Werner Koch wk at
Wed Nov 15 11:03:08 CET 2023

On Tue, 14 Nov 2023 20:52, Jacob Bachmeyer said:

> succeed in either case.  If this condition is not met, Mallory will
> eventually be able to forge a signature.  Therefore, smartcards do not
> actually provide additional security in the typical PGP usage.

In all environments you have the advantage that you don't need to
re-deploy your public keys after a compromise of your signing box.
Sure, there are signatures on software/data out there which are not
legitimate but this is not different from the easier attack of modifying
the software/data before doing the signature.

Further, by inserting the smartcard only when required you limit the
exposure time of the key and hinder attackers to do a lot of
illegitimate signatures or decryption.

The OpenPGP cards feature a signature counter which can give you a hint
on whether it was used by something else than you.  It is not a perfect
solution but raises the hurdle for the attacker.  By using the smartcard
on different machines you can even avoid malware which fakes the
displaying of the signature counter.

For a policy POV having the key material securely locked away is also an
advantage - even if the data can be decrypted/signed using a smartcard
by malware.  The security of the key material and the ability to use the
key material are different topics in a security policy.



The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list