AW: Smartcard Support, open system security, law,( certificate
sig removed)
Werner Koch
wk@gnupg.org
Sun Aug 24 16:38:02 2003
On Fri, 22 Aug 2003 10:07:02 +0200 (MET DST), Johan Wevers said:
>> revevealed to anyone; your own smartcard contains your own key - why
>> would you want to crack the card then?
> Not you, but an attacker who finds or steals the card would.
Thats for what revocations are used for.
>> Please give me some hints on how you can remotely compromise a private
>> key stored on a properly implemented smartcard.
> Someone could crack it, copy it to another card and then use it.
Without access to the physical card this is not possible. I was
talking about a remote compromise; i.e. by accessing your box and
reader over the net.
Shalom-Salam,
Werner
--
Werner Koch <wk@gnupg.org>
The GnuPG Experts http://g10code.com
Free Software Foundation Europe http://fsfeurope.org