On 11.12.2018 19:11, Damien Goutte-Gattat via Gnupg-users wrote: > On Tue, Dec 11, 2018 at 12:35:57PM +0100, Alessandro Vesely wrote: >> Is it possible to get OpenPGP functionality on one of those >> contactless cards? > > I know of at least one NFC-enabled OpenPGP card, the "Fidesmo > Card" [1]. > > I never tested it, but from what I remember when I delved into > their site, the OpenPGP feature of that card is provided by the > same JavaCard applet than the one used in the Yubikey NEO. Which > means, among other things, that it does not implement version 3 of > the OpenPGP Card specification (so, no ECC keys), and does not > support RSA keys larger than 2048 bits.
I'm using Fidesmo and it works fine with OpenKeychain, and also through USB NFC reader with GnuPG. The note about keys is correct, no ECC, RSA only up to 2048 bits. There are two ways of getting 4096 bits with NFC as far as I'm aware: Yubikey 5 and Cotech Card. The latter I've never seen in real life but given that this is from the same people that created OpenKeychain I believe it's legit :) [0]: https://www.yubico.com/product/yubikey-5-nfc/ [1]: https://www.cotech.de/docs/hw-supported-hardware/ Most hardware that supports ECC either supports it only in PIV applet (so not applicable to OpenPGP) or doesn't use tamper-resistant hardware (depending on one's threat model this may or may not be OK). On 11.12.2018 19:51, Alessandro Vesely wrote: > Fidesmo looks better, except for its depending on the Fidesmo Card App Store. You don't need the store if you buy the card with OpenPGP (or PGP as they call it) applet preinstalled. This store is only needed to customize what is in the card, once PGP is installed you don't need it as Fidesmo PGP speaks standard protocol. Disclaimer: I'm not affiliated with any of these companies but I got the Fidesmo card for free for contributing to OpenKeychain [2]. [2]: https://www.openkeychain.org/pr-incentive Kind regards, Wiktor -- https://metacode.biz/@wiktor _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
