[guardian-dev] OpenPGP Keychain 2.1 with new API
Dominik Schürmann
dominik at dominikschuermann.de
Tue Sep 10 12:46:51 EDT 2013
Currently there is not support for OpenPGP smarcards or Yubikey Neo and
nobody is working on it.
You can open feature requests at
https://github.com/dschuermann/openpgp-keychain/issues/new
Besides feature requests I accept pull request ;) and donations in form
of yubikeys ;)
Regards
Dominik
On 10.09.2013 18:29, David Holl wrote:
> On Tue, Sep 10, 2013 at 05:44:33PM +0200, Natanael wrote:
>> While mentioning smartcards, the Yubikey Neo seems to have an
>> OpenPGP smartcard mode (that needs to manually actiated in
>> firmware), could that work with this app?
>
> I would hope so. Does the Neo claim to be compatible with the open
> specification? http://g10code.com/docs/openpgp-card-2.0.pdf
>
>> Then you'd always have a hardware protected keypair (if you don't
>> lose your Yubikey), so even rootkits can't get your private key.
>
> Exactly! :) Rootkits or compromised firmware... And even if a
> compromised device does cache my pin and use my card (while briefly
> inserted), I hope to be alerted of any illicit accesses courtessy
> of the signature counter built into the card.
>
> There seem to be at least 3 potential "cards" that I'm aware of:
> OpenPGP SmartCard V2
> Yubikey Neo
> Crypto Stick https://www.crypto-stick.com/
>
> (I put "cards" in quotes, because the Crypto Stick includes a
> "thumb" form-factor USB interface. Though not as tiny as the
> Neo, it still supports 4096 bit keys.)
>
> - David
>
> Aside:
>
> I selected the OpenPGP SmartCard V2 for my personal use, because
> the Crypto Stick has been out of stock for a while, and the Yubikey
> Neo appears to only support 2048 bit keys. If I really want the
> "thumb" form factor of the Crypto Stick, I may try popping out the
> ID-000 minicard from the OpenPGP SmartCard and putting it into a
> "Gemalto USB Shell Token V2" (aka the "IDBridge K30"). Otherwise,
> the "SCM SCR3500" reader is almost small enough for use on a key
> chain, and is widely available at reasonable prices. (about $40
> total for a SmartCard V2 with a SCM SCR3500 reader.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20130910/fee13c4e/attachment.pgp>
More information about the Guardian-dev
mailing list