Chapter 1. Introduction

Table of Contents

1.1. The OpenPGP card

With GnuPG everybody has the chance to secure his communication.

To work with GnuPG on different machines (private PC, at work, on a laptop, etc.), the secret key has to be present on every machine. Distributing the secret key to many different machines undermines its secrecy. Especially at work, where other people have root access on your machine, it is not safe to store your secret key. Starting with version 1.3.3, GnuPG supports smart cards to store your keys.

This Howto describes how to use GnuPG with a smart card distributed to fellows of the Free Software Foundation Europe.

In general, cards that implement the OpenPGP card specification in version 1.0 or higher are supported by GnuPG.

1.1. The OpenPGP card

The OpenPGP Card is a smart card (standard size; ISO 7816-4,-8 compatible). Features of this card are:

  • 3 independent 1024 bit RSA keys (signing, encryption, authentication).

  • Key generation on card or import of existing keys.

  • Signature counter.

  • Data object to store a URL to access the full OpenPGP public key.

  • Data objects for card holder name etc.

  • Data object for login specific data.

  • Length of PIN between 6 and 254 characters; not restricted to numbers.

  • T=1 protocol; compatible with most readers.

  • Specification freely available and usable without any constraints.

  • Reasonably priced.