Sorry, I didn't have time to reply your call the other day. I think that Gemalto Shelltoken Card Reader, which is available at http://shop.kernelconcepts.de/ is good one.
Please note that OpenPGP card requires specific card readers. Its users usually use RSA-2048, RSA-3072, or RSA-4096. For those key sizes, the communication is somewhat difficult for old standard of ISO 7816. (For RSA-1024, most smart card readers work well.) I recommend TPDU readers, because readers which support extended APDU level communication tend to have issues for larger size communication. On 10/18/2016 04:51 PM, Daniel Pocock wrote: > I was looking at this page: > > https://wiki.gnupg.org/CardReader/PinpadInput > > Are any of these more outstanding than the others, or it doesn't matter > which one somebody chooses? > > Could anybody comment on which of those are easily available in small > quantities for developers, or suppliers who are cost effective for small > quantities? I implemented the pinpad input support in scdaemon. While I know some claims that it is good feature, I, for myself, don't think it's worth to have. I don't think the attack to USB communication could be mitigated by pinpad card reader. If such an attack is possible, a user already would be defeated. It is common for such card readers to have only numeric pads. That limits the entropy of passphrase, considerably. And, as far as I know, I don't know any implementation of card readers in the market, which firmware is Free Software. With user interface like pinpad input, it is more difficult for me to trust an implementation of such a card reader. -- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users