![]() Most cards support a maximum of 2048 bits.Keys shorter than 2048 bits are considered insecure.In the best cases, it is possible to build working solutions without using any non-free or binary artifacts from the vendor, except for those in the card itself. Some vendors provide binary (closed source) drivers for Linux, but it is not always necessary to use these drivers. By definition, a smartcard is a secure device and the software can not be changed at will. This software is rarely free software within the principles of the Debian Free Software Guidelines - however, the software on the Debian system is completely free. Smartcards have their own internal software and operating systems. However, GnuPG can also use regular PKCS#11 cards with the help of OpenSC and the GnuPG PKCS#11 project ![]() For the GnuPG use-case (signing email), they are easy to use and therefore quite popular - however, to use a card for general purpose activities such as web authentication, VPN and disk encryption, they may not be satisfactory. OpenPGP cards are a special type of card that are designed for use with GnuPG. This page describes the PKCS#11 style cards. There are two main types of solution on Debian, the OpenPGP based cards or the PKCS#11 style cards. ![]() By carefully selecting the right combination of smart cards and card readers, a fully functional system can be implemented with Debian.All cards, readers and software are not interchangeable. A smartcard architecture is quite complicated and it is not currently possible to mix-and-match any random combination of cards and readers in a plug-and-play manner. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |