-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 On Tue, Jun 13, 2006 at 06:46:48PM +0100, Tristan Williams wrote: > > Then it makes me wonder what is the purpose of the off card backup > file sk_X.gpg created when the original private key was created via > the on-card method? > Huh, according to the OpenPGP card specification v1.1, the GENERATE KEY command returns only the public part of the key. If the backup file really contains the private key, then the key is _not_ generated on the card, even though you believe that it is. Look for yourself here:
http://g10code.com/docs/openpgp-card-1.1.pdf in section 7.2.11 at page 38. Have you checked what is inside the "backup" file? Of course, I might be wrong, but publicly available sources seem to tell that I'm right. I tried to dig into the gnupg source to see what is really happening, but it's too large :/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFEjwmfFtofFpCIfhMRA+O8AJwNTSdBzCBGPmJX6Sh6XqzJejTYLACdEfVI PdagoBhaeMOdwjq1AfYR0D4= =0vOZ -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
