On 20.02.15 15:27, NdK wrote:
>>> 5 - possibility to export private keys to user-certified devices
>> > That pretty much defeats the point of using a smart card in the first 
>> > place.
> That's not "uncontrolled export", and in fact…
> …(snip)…
> while importing a key (so that you "can't" alter -actually
> it's just "really hard", but doing that should invalidate signatures on
> your master key!- the policy by exporting from a device and importing on
> another).
> 

There in lies the problem. It's really hard -> it's doable.

What is the use case that absolutely needs exportable master keys?

-- 
Ville

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to