Smart card
Wouter Verhelst
w at uter.be
Sat Apr 8 10:16:36 CEST 2017
Hi Will,
On Mon, Apr 03, 2017 at 06:18:59PM -0500, Will Senn wrote:
> Are smartcards out of vogue?
No.
Smartcards are useful. They ensure that the private half of your key is
never on any hard disk or other general storage device, and therefore
that it cannot possibly be stolen (because there's only one possible
copy of it).
Smartcards are a pain in the ass. They ensure that the private half of
your key is never on any hard disk or other general storage device but
instead sits in your wallet, so whenever you need to access it, you need
to grab your wallet to be able to do so, which takes more effort than
just firing up GnuPG. If your laptop doesn't have a builtin cardreader,
you also need to fish the reader from your backpack or wherever, etc.
Additionally, unfortunately accessing smartcards from software isn't
always an entirely painless operation, and that may result in things
like https://twitter.com/wouter_verhelst/status/844686341711581185
My most recent key uses a smart card from kernelconcepts (who are very
much still alive -- at $WORK we recently bought two of their cards as
well), but I don't recommend it to everyone, and I certainly wouldn't
recommend it if you're just getting started with GnuPG.
Regards,
--
< ron> I mean, the main *practical* problem with C++, is there's like a dozen
people in the world who think they really understand all of its rules,
and pretty much all of them are just lying to themselves too.
-- #debian-devel, OFTC, 2016-02-12
More information about the Gnupg-users
mailing list