On Mon, 14 May 2007 16:21, [EMAIL PROTECTED] said: > My personal opinion is that, at the current state of "security" in today's > OS-es, smart cards give just a false sense of security in typical usage > scenarios (= when used on a general-purpose, networked workstation).
Smart cards have one important advantage: You can't compromise the key - you need the actual card for operation. For example the card I use to sign tarballs may be used on a comprimised computer and I sign something different than I believe to do. Eventually this will get noticed and then I can identify the packages I signed (due to the signature counter on the card). There is no need to give up on the key - just the signatures are not done correctly. For a long term key where the public part is widely deployed this is a real benefit. Salam-Shalom, Werner _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
