Re: pgpcard and opensc

Am Montag, den 15.05.2006, 22:12 +0200 schrieb Andreas Jellinghaus:
> Hi Christoph,
> 
> sorry, right now the openpgp card can only be modified with gnupg.
> so you need to use gnupg to use it / create keys / store keys etc.
So teh wiki information is wrong. This should be changed.

> in theory opensc has an emulation that can be used so we can
> use those keys on the card, too, but in practice I haven't heard
> of anyone using it successfully for a long time. if you find time
> to test, please report back, both success or failure, so we can
> have a look.
The problem is, that I can extract the keys, but for now I've only used 
certificates to authenticate against openvpn.
For the moment I don't know how to use this information for my setup.
pkcs15-tool -k gives three keys (sign,enc and auth), but without
certificates I cannot use a CA . I think I've to report failure ;) 
Nevertheless I will try to use this card, since there is a login field
saved on it.

> also I'm not sure how good the other applications will work with that card.
> nearly every app (except gnupg) expects some x.509 certificate on the
> card and I have no idea if those can be created and/or stored with gnupg
> on the card. but I think they can - at linuxtag I saw diagrams at the bsi
> booth that indicate gnupg can do both pgp and smime so I guess it can
> handle it.
Still not found how to import a cert to the card. 
A hint where to buy a card for testing would be nice (Germany).

Thanks
Christoph