On Mar 31, 2011, at 3:06 PM, Astrakan wrote:

> Thank you for your quick response.
>
> A couple of follow-up questions:
> I'm noticing that in an "empty" gpg-installation, when I run the
> --card-edit command, gpg creates the
> keyring files (0 bytes in size) in the homedir. When I then run the
> generate command to create keys on the
> card the keyring-files grow to a couple of bytes in size (secring
> containing stubs that point to the card, right?) and
> pubring.gpg containing the public key (since I can encrypt only when the
> card is not inserted).
>
> So even if I generate the keys directly on the smartcard, using
> --card-edit and generate commands, do
> the actual public key key mass populate the smart card?

The card stores the parameters from the RSA algorithm (i.e. a series of numbers). Some of these numbers are considered public (and can be retrieved from the card), but this is not the same as what people generally call a "public key" in the OpenPGP/GnuPG sense. The OpenPGP public key contains those numbers in a particular format, plus the user ID(s), plus a signature for each user ID, etc. Basically, the answer to your question is strictly speaking yes, but for practical purposes no.

> Follow-up question 2:
> If I "fetch" the public key from a keyserver, on a computer with an
> empty gpg installation, and import it,
> does that store the public key on the card or is pubring.gpg created and
> populated?

That just stores the fetched key in your pubring. The card is not modified.

David

_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
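The distinction drawn in the reply above, as an added example that is not part of the original message: a small parser for RFC 4880 packet framing, run over a constructed key whose toy RSA numbers (n=3233, e=17), user ID and placeholder signature body are made up for illustration. All function names are hypothetical; the RSA numbers are only the two MPIs inside the public-key packet, while the user ID and signature packets are the rest of what a keyring entry holds.

```python
TAGS = {2: "signature", 6: "public-key", 13: "user-id"}

def packets(data):
    """Yield (tag, body) per packet, following RFC 4880 section 4.2 framing."""
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                       # new-format header
            tag, o1, i = hdr & 0x3F, data[i], i + 1
            if o1 < 192:
                length = o1
            elif o1 < 224:
                length, i = ((o1 - 192) << 8) + data[i] + 192, i + 1
            elif o1 == 255:
                length, i = int.from_bytes(data[i:i + 4], "big"), i + 4
            else:
                raise ValueError("partial body lengths not handled here")
        else:                                # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled here")
            n = 1 << ltype                   # 1, 2 or 4 length octets
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        if i + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + length]
        i += length

def read_mpi(buf, off):
    """An MPI is a 2-octet bit count followed by the big-endian value."""
    end = off + 2 + (int.from_bytes(buf[off:off + 2], "big") + 7) // 8
    return int.from_bytes(buf[off + 2:end], "big"), end

def rsa_numbers(body):                       # (n, e) from a v4 RSA key packet
    # Layout: version (1), creation time (4), algorithm (1), then the MPIs.
    if body[0] != 4 or body[5] not in (1, 2, 3):
        raise ValueError("not a v4 RSA key packet")
    n, off = read_mpi(body, 6)
    return n, read_mpi(body, off)[0]

def mpi(x):                                  # helper used to build the sample
    return x.bit_length().to_bytes(2, "big") + x.to_bytes((x.bit_length() + 7) // 8, "big")
def pkt(tag, body):                          # new-format header, body < 192 octets
    return bytes([0xC0 | tag, len(body)]) + body
# Constructed sample: toy numbers, placeholder signature body (not verifiable).
KEY = pkt(6, b"\x04" + bytes(4) + b"\x01" + mpi(3233) + mpi(17))
SAMPLE = KEY + pkt(13, b"Test User <test@example.org>") + pkt(2, b"\x04" + bytes(8))
for tag, body in packets(SAMPLE):
    print(TAGS.get(tag, tag), len(body), rsa_numbers(body) if tag == 6 else "")
```
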
