Werner Koch wrote:
> On Mon, 14 May 2007 10:44, [EMAIL PROTECTED] said:
>> something's wrong. Can the OpenPGP Card be set to do one operation per
>> pin entry when used with a card reader that has a keypad? This seems
>
> Yes, use the command "forcesig" in the --card-edit menu to toggle this
> feature. However it does not help you if the host has been compromised
> and the admin PIN is known. You can always bypass the requirement to use
> the keypad. With some social engineering this makes it easy to get
> control over the card.

That sounds great. If I understand correctly, you rarely need to use the admin PIN, so it would be unlikely to be compromised. For example you could use the admin pin only after booting from a CD.

>> not in use, so that if my device falls into the wrong hands, I won't
>> have to worry too much. Does the OpenPGP Card encrypt the keys while
>> stored on the card?
>
> No, that does not make sense - the standard security features of the
> chip are employed to make probing the chip difficult and expensive.

Why doesn't it make sense? The chip's security features make it fairly secure. But having the keys encrypted on the card would make it highly secure. As long as the passphrase hadn't been captured, like after being lost, stolen, or confiscated.

>> Also, the OpenPGP Card appears to be from a German organization, like
>
> That is not correct. I have developed the specs along with Achim Peitig
> of a Paderborn card vendor. Achim wrote the implementation. It was
> done all on our own money and for our fun. Only later the BSI (The
> German federal IT security agency) mentioned this card as a good example
> of a usable smart card without vendor lock in.

Can the person who loads the software onto the cards be given orders by the German court?

>> the one that developed the Java Anonymous Proxy, and was forced by the
>> German government to back door the software. Does the German government
>
> JAP has not been backdoored but the organisations running a JAP server
> have the ability to log the IP addresses.

OK, not backdoored, just compromised.

> The case you have in mind is
> that the lists of IP addresses have been handed over to the prosecution
> authorities. IIRC, they have not been forced to do this but did this
> voluntarily.

According to this article
http://www.theregister.co.uk/2003/08/21/net_anonymity_service_backdoored/
it was mandated by the courts.

...the JAP team replied to the thread, admitting that there is now a "crime detection function" in the system mandated by the courts. But they defended their decision: "What was the alternative? Shutting down the service? The security apparatchiks would have appreciated that - anonymity in the Internet and especially AN.ON are a thorn in their side anyway."

> That is basically the same as with a TOR server: It is
> possible to log things to help the prosecution but no sane person would
> do this.

Are the authors of the Java Anonymous Proxy not sane? If they would do it, why not ZeitControl?

> My company is running a heavily loaded exit node
> (allium.gnupg.org) and we get about one request a fortnight to tell the
> IP address. Obviously we don't do that and usually a few minutes talk
> is today sufficient to explain them that this is an anonymizer server and
> that there is no chance to get to the IP address of the previous node.

What will you do if the court orders you to turn on logging, hand over the logs, and keep it secret?

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users