On Thursday 22 January 2015 17:00:44 Felix E. Klee wrote: > However, there > is one attack which I think could be easily prevented: With the card > in the reader, the PIN entered, and Eve having remote access to my > machine, she could sign and decrypt documents.
Are you sure? On my setup, the smartcard seems to only allow one sign operation per pin-entry. Decryption, on the other hand seems to be allowed without re-authorisation until the card has been removed from the reader (or until it has been reset by another means). _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
