Re: Any future for the Crypto Stick?

2013-12-02 Thread NdK
Il 01/12/2013 20:09, Tristan Santore ha scritto: > You might want to check out the Yubikey guys. They make a yubikey with > an openpgp applet. > https://www.yubico.com/2012/12/yubikey-neo-openpgp/ Yubikeys would be interesting, if only it would be possible to develop personal applets to load on 'e

Re: Any future for the Crypto Stick?

2013-12-02 Thread Thomas Harning Jr.
On Mon, Dec 2, 2013 at 9:24 AM, NdK wrote: > Il 01/12/2013 20:09, Tristan Santore ha scritto: > > > You might want to check out the Yubikey guys. They make a yubikey with > > an openpgp applet. > > https://www.yubico.com/2012/12/yubikey-neo-openpgp/ > Yubikeys would be interesting, if only it wou

Importing a PGP public key with no expiry date to GPG 1..4.2, sets the create_date to expiry_date & errors

2013-12-02 Thread Cts Onetemp
Hi     When I import a PGP public key that has "NO expiry" date, into GPG 1.4.2, it shows the key as expired & the PGP created date shows as 'expired date' . Is this a bug? or is there a way to force GPG to not set the expiry date from the created date?  When I try to encrypt with the PGP public

IMporting PGP public key into GPG 1.4.2 with no expiry shows as expired in GPG

2013-12-02 Thread Cts Onetemp
Hi     When I import a PGP public key that has "NO expiry" date, into GPG 1.4.2, it shows the key as expired & the PGP created date shows as 'expired date' . Is this a bug? or is there a way to force GPG to not set the expiry date from the created date?  When I try to encrypt with the PGP public

Re: Any future for the Crypto Stick?

2013-12-02 Thread Peter Lebbing
On 02/12/13 15:24, NdK wrote: > Who can you really trust? If you don't trust NXP, then you can't use any > of their JCOP chips... What would stop 'em from adding an undocumented > command to the card manager that dumps the whole memory? Exactly the point I was going to make when I read your mail u

Re: Any future for the Crypto Stick?

2013-12-02 Thread Andreas Schwier (ML)
Wait a second - you can not simply hide a backdoor in a Common Criteria evaluated operating system. There are too many entities that would need to be involved in the process: The manufacturer, the evaluator, the certification body and possibly a national regulator (Here for example NXP, TÜV-IT, BSI

Re: Any future for the Crypto Stick?

2013-12-02 Thread Peter Lebbing
On 02/12/13 20:37, Andreas Schwier (ML) wrote: > Wait a second - you can not simply hide a backdoor in a Common Criteria > evaluated operating system. There are too many entities that would need > to be involved in the process Why couldn't the manufacturer simply put a different, backdoored firmwa