On 07/01/2014, Sam Kuper <sam.ku...@uclmail.net> wrote:
> On 06/01/2014, Werner Koch <w...@gnupg.org> wrote:
>>>> The question is whether this is really helpful. Yes, it protects your
>>>> PIN
>
> That is helpful. No question about this part!

Perhaps I should be clearer about why I believe it is unquestionably helpful for OpenPGP-compatible smart card readers to be trustworthy and to have pinpads.

**Scenario 1: There is no doubt that the local machine is secure and completely free of malware.**

In this case, there is no need for a pinpad; but there is also no need for an OpenPGP smart card. To address other threats (e.g. physical theft), the user's auth/sign/enc keys should of course be passphrase-protected; and they can additionally be stored in and/or backed up to an encrypted folder, for instance on a USB stick if portability is desired.

**Scenario 2: There is some doubt about the local machine, such that the procedure outlined in scenario 1 is not considered sufficiently secure.**

In this case, storing the private keys on an OpenPGP card will prevent them from being stolen; but any machine about which this level of doubt exists cannot be assumed to safeguard the PIN(s) of an OpenPGP card. Therefore, the solution here is to use an OpenPGP card and a card reader with a pinpad.

I believe that in respect of any local PC, these two scenarios are exhaustive. It follows that I don't see much (any) value in a card reader without a pinpad.

Nevertheless, perhaps that belief is wrong. If so, then I'm happy to stand corrected.

In the meantime, I hope I can find a small form-factor OpenPGP-compatible smart card reader with a pin pad. I would be grateful for pointers :)

Regards,

Sam

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users