Il 17/06/2017 10:35, Werner Koch ha scritto: > gpg expects an OpenPGP card. For pkcs#15 you need to use gpgsm. As a > starter do > gpgsm --learn-card > which imports the certificates from such cards. There is no --card-edit > etc, because in general PKCS#15 cards are distributed personalized. > Having done --learn-card once you can use the keys from the card for > X.509 or CMS (aks S/MIME) stuff. Then I don't understand the reason for gpgsm (the "niche" it fills)... opensc already supports many cards, and can even edit some. And (via PKCS#11) Firefox and Thunderbird (and many other programs, but only one at a time) can use the cards for auth (and signing).
> But note, that PKCS#15 does not specifiy everything and card vendors > oftne implement proprietary extensions/modifications. As usual. But even openpgp RFCs are often implemented with proprietary extensions... > See gnupg/scd/app-p15.c for some hints. I'll have a look. Tks, Diego _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
