Hi Martin, > Would you consider applying the necessary patches to make the most out of > CryptoStick + GPGTools + OpenSC?
I think we might now be ready to accept patches / integrate needed changes to MacGPG2 in order to push OS X Lion to a first class CryptoStick/OpenSC citizen. The current MacGPG2 2.0.18 sources (including build script) are available here: https://github.com/GPGTools/MacGPG2/tree/buildscript We just need someone to coordinate this effort (I think nobody in our team is using an OpenPGP smart card). Best regards, Alex On 14.07.2011, at 14:28, Martin Paljak wrote: > Hello, > > I tried to set up a German Privacy Foundation CryptoStick v1.2 [1] > OpenPGP smart card on OS X 10.6. After downloading the latest GPGTools > package everything worked almost smoothly. > - scdaemon by default wants to connect to the reader in exclusive > mode. This will fail if OpenSC.tokend (which also has support for > OpenPGP cards) is installed, as it opens a shared session to the card > after it has been plugged in. > - scdaemon seems to hang every now and then, the tip from the > internet to "kill scdaemon and plug your device in one more time" > seems to work. I have not debugged this, but it might be useful > > Whether using exclusive mode is right or wrong (this has been heavily > debated several times on opensc-devel), it would be nice if the user > at least had an option to tune this behaviour ("require exclusive mode > (on by default)" vs "work in shared mode, with transactions") > > I could provide a patch for a "more permissive co-operation mode" by > default (meaning disable exclusive mode in scdaemon). Also, one of the > reasons for playing with crypto stick is 4k RSA keys in hardware, > which are supported by the device but not possible without patching > GnuPG [2] > > As Ubuntu 11.04 has some unidentified problems with the device which I > don't have the time to debug (as I'm using gpg2 only to initialize the > card) I'll stick to GPGTools, which is also the platform of my laptop. > Would you consider applying the necessary patches to make the most out > of CryptoStick + GPGTools + OpenSC? I could look into providing > pullable changes after I've digested how building the full installer > from Github works.. > > Best, > > Martin > > P.S.: why does the -devel list require subscription to view the > archives? Should I write there instead or is it a semi-closed list? > > [1] http://www.privacyfoundation.de/crypto_stick/crypto_stick_english/ > [2] https://www.privacyfoundation.de/wiki/CryptoStickSoftwareEn#A4096_Bit_keys > > _______________________________________________ > gpgtools-users mailing list > gpgtools-users@lists.gpgtools.org > FAQ: http://www.gpgtools.org/faq.html > Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users > Unsubscribe: > http://lists.gpgtools.org/mailman/options/gpgtools-users/a...@gpgtools.org?unsub=Unsubscribe&unsubconfirm=1 > > This email sent to: a...@gpgtools.org -- http://gpgtools.org http://gpgtools.org/about (Google+, Twitter, RSS) _______________________________________________ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
