On 11/06/17 21:05, Matthias Apitz wrote: > I know, but I want to change the passphrase, not the PIN.
They are the same thing, it's just a choice of terminology. Since user authentication to a smartcard is traditionally done using numerics only and card readers with PINpads also usually only use numerics, the term PIN has become commonly used (Personal Identification Number[1]). But under GnuPG, you can use alphanumerics and symbols, and it is more correct to call it a passphrase. Put differently: the secret key stub on disk is a mere unencrypted reference to a specific smart card. And what then unlocks the smartcard is the PIN or passphrase passed to the card, which is set as Werner indicates. There is only one authentication involved, not two. (It's still two-factor authentication, so that last sentence needs to be taken in the proper context). HTH, Peter. [1] I'd say "Identification" is a misnomer, it's authentication instead. Identification is the mere act of naming something, authentication is providing a means to prove something is authentic, is true, is not fake. You could identify yourself as Peter Lebbing, but it almost surely would not be authentic. (I've always fancied bringing up this point when the police asks me to "identify myself", but it would be a very bad idea in practice probably :-) -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
