On Wed, Jan 28, 2015 at 1:46 AM, NIIBE Yutaka <gni...@fsij.org> wrote: > From the viewpoint of getting unencrypted private key, it's like: > > On flash ROM: Private key encrypted ------\ > \ > On flash ROM: DEK encrypted --\ [AES]--> Private key > [AES]-> DEK --/ > Passphrase --[S2K]--------------/
Thanks a lot for this explanation! > From this point, it is better for smartcard/token, not to have other > "useful features". I still would feel more comfortable with a pinpad, or some hardware button (see thread “crypto device where I need to confirm every operation?”). _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
