Hello,
I am sorry to intrude...
But I had a discussion with Werner Koch about a similar issue.
I think that gpg should support PKCS#11 interface for smartcards, so
that it
can be used with all smartcards that support this standard.
PKCS#11 is the most used and most implemented standard.
I don't understand why gpg developers choose to implement their own
smartcard
standard... The most reasonable claim I've got was the licensing
issue... But nobody
succeeded in proving that there is a licensing problem.
You can look for messages with "PKCS#11 support for gpg-agent" subject
for future
information at gnupg-users.
Best Regards,
Alon Bar-Lev.
Joe Smith wrote:
There is no need to post a message to the list three times.
Is it possible to obtain further details on the OpenPGP card?
I have such a card and a working smartcard reader but, ideally, I'd
like to
obtain copies of the sourcecode and program my own cards. However, it's
extremely difficult to track down any specific information!
You can get aditional information, but unfortunately the information
available is not to particularly satisfying.
That said these are the details I know:
The openPGP cards are manufactured by PPC Card Systems using a chip
created by Atmel, running BasicCard OS, and code written presumably by
Werner Koch. The cards are non-reprogrammable, they are set to state
'RUN'.
The last I asked there were no other manufactures of OpenPGP Card
complient smartcards.
-----
Ideally one should be able to just buy a smart card with rsa support,
download OpenPGP card source, and compile it. Then flash it and any
other things you wish to have on the card. However it sadly does not
work that way.
Source code is not available. Here is a quote from an email Werner
sent me:
Is the source for the program on the card available?
No, this is not possible because the chip vendors supply chips only to
large card vendors due to fear of litigation through Pay TV channels.
They had pretty bad experience with that in recent years. Same goes
with the firmare supplied with the chip which is the base of the
(actual very small) application we did. Atmel will even stop the
production of the chip we are currently using due to force by Pay TV
lawyers (the same chip is used in many Pay TV scrambling systems; and
they all use security by litigation). Its all a very sad and
ridiculous situation.
If you can somehow manage to get ahold of a BasicCard OS-based
smartcard that has support for RSA, it would not be too difficult to
program it. Most of the crypto stuff is handled by the chip, so the
code needed to be written is mainly interface code.
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
