> This brings up what is probably a dumb question: > > - If I'm just using the smartcard to store the private key, is there any > advantage (security-wise) to using a smartcard over, say, a CD-R? I.e., > can the smartcard be secured in some way to only allow the key to be > copied off only if a password is presented? Or perhaps, have the > smartcard do all the decryption internally (and be impossible to copy > the key off)?
Most smartcards are set by default to: - never ever allow to export a secret key. - you can create a key on the smartcard, or import one from your pc - to use a secret key you will need to enter the pin first. - usualy you can configure the smartcard to die after the pin is entered incorrectly several times. some cards only lock, and there is a puc to unlock the card. the puc might also have a retry counter. And some cards are very flexible, so you can create any a situation like above with any parameters you like. Regards, Andreas _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.musclecard.com/mailman/listinfo/muscle
