In both the product description for the OpenPGP V2.0 card and the spec itself there is some discussion of a "Cardholder Certificate" Data Object in the V2.0 cards.
I've got one of those free X.509 email certificate from Comodo, and was attempting to upload it to the card. I can import the .p12 file into gpgsm, but then it resides in a file under .gnupg. Firstly, can I actually import a certificate like this onto the card? Or do I simply misunderstand the specs? Secondly, is there a command somewhere in gpg/gpgsm/gpg* to do this, or is it specified and implemented on the OpenPGP card only at this point in time? Thirdly, the SCUTE docs start by generating a certificate request from your OpenPGP authentication key. In this scenario, are you just using the Same RSA key for both your OpenPGP and X509 certificates? Does the certificate imported into gpgsm just contain the public key and the CA's signature and somehow defer operations to the card? -- -Grant "Look around! Can you construct some sort of rudimentary lathe?"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
