Should Poldi lock the smart card when the screen locks?
Alexander Paetzelt | Nitrokey
alex at nitrokey.com
Wed Sep 25 14:13:04 CEST 2019
On 24.09.19 17:23, Franklin, Jason wrote:
>
>> What I was thinking about is a function in the OpenPGP Card standard
>> since version 3.1. It is possible to use the VERIFY command to reset the
>> access status to 'not verified' (see 7.2.2 of the current standard). [1]
>> This may does the trick. Of course, this solution would be limited to
>> OpenPGP Cards only.
>
> This sounds like a great idea. I would love to explore this further.
>
> I am very curious to see what Niibe thinks about this.
>
>
My message was a bit misleading, I am afraid. I mixed up some things in
my head...
The proposed "maybe-solution" would only work with newer cards following
the OpenPGP Card standard (v3.1). I am not sure if you would like to use
this for a general purpose screen locker. Thus, I guess the solution
that Werner proposed is much better (killing scdaemon when locking the
screen), especially because I think it is working for all cards that
make use of poldi. So this would be a more general approach. Did you
already think about that solution?
Kind regards
Alex
More information about the Gnupg-devel
mailing list