l4-hurd
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Restricted storage

From: Marcus Brinkmann
Subject: Re: Restricted storage
Date: Thu, 01 Jun 2006 21:29:27 +0200
User-agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.7 (Sanjō) APEL/10.6 Emacs/21.4 (i486-pc-linux-gnu) MULE/5.0 (SAKAKI) 
At Thu, 01 Jun 2006 10:28:57 -0400,
"Jonathan S. Shapiro" <address@hidden> wrote:
> 
> On Thu, 2006-06-01 at 12:40 +0200, Marcus Brinkmann wrote:
> 
> > For that reason I have some of my encryption keys on a smart card, on
> > which they were generated (the OpenPGP smart card).  Smart cards give
> > me the advantages of opaque storage that I care about, while reducing
> > the risks that I see in it to a bare minimum.
> 
> Fascinating. Even *Marcus* has a use case for storage that is opaque to
> the controlling user...

Not in principle.  The description of the off-card backup, which I
consider the better procedure, should have made it clear.  If there
were a simple, cheap mechanism that would ensure that only the owner
could read out the data on the smart card, I would go for it.

However, it is fairly easy to see that with todays smart card designs
that such a procedure does not exist.  There is a passphrase and an
admin passphrase, but they are not strong enough.  If they are made
strong enough, one can just save the actual key data instead of the
passphrase just as well, which is what I suggested.

If you were to give me a smartcard with a (probably signed) key on it
that I am not allowed to read out or to change, I would not consider
myself the "controlling user" or owner, in my terminology, in the same
sense that a passport belongs to the government, and not to the
holder.

Thanks,
Marcus
reply via email to
[Prev in Thread] Current Thread [Next in Thread]