Thanks for clarification!

On Mon, Aug 27, 2018 at 11:51 AM, Werner Koch <w...@gnupg.org> wrote:

> The connection between the card reader and the host is not encrypted
> because that would require a key setup first and that would also be
> subject to key logging.

The host could provide a public encryption key to the card reader. Of course:

* With a tampered USB cable, there still would be attacks possible, though different ones. That is, unless the reader can know the identity of the host, which would again require a priori exchange, so nothing gained.
* This is very likely not part of the existing API (PC/SC?).