On Sat, 22 Jun 2013 15:03, ndk.cla...@gmail.com said: > A smartcard could be useful anyway, at least as a "portable keyring" (if > it didn't need initialization on every machine...).
A USB memory stick fulfills the same purpose. > And key export could be controlled (like in MyPGPid card): private keys > can only leave the card encrypted under "certified" keys. There are several protocols for key migration from token to token. If you want to do your own, you should be aware of possible patent problems. In any case it is a really complex task and not easy to get right - if at all. > BTW, for the really "paranoid", readers with an integrated pinpad are > available: the PC never sees the PIN, so no installed sw can spoof it. > (even if what I'd prefer is a card w/ both a pinpad and a display...). Social engineering almost always work. And further, the display of your pinpad+display equipped reader does not show you what you are going to sign. Even further, there are several attacks on pinpad equipped readers - sure that your reader has not been bugged? Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
