Information about smart card tokens (product links for US residents)
Hi,
Firstly, since it is also being sent to debian-devel nothing in
this mail is private.
I have been wanting to investigate using a smart card to put my
gpg subkeys, but most of the information about Linux support is
scattered, and seems to be skewed towards the FSFE's fellowship card,
which is not an options for those of us not in Europe. Also, buying the
card from kernel concepts in .de is expensive, since shipping costs
seem to outweigh the cost of the card itself.
I also found it very hard to get information about supported
hardware, so I decoded to put my research effort into this email (and
into a del.icio.us bookmark, below). If someone has used any of these
things chimes in with which of these can be used with signing subkeys,
as opposed to having the key generated and kept on the card, I'd
appreciate it.
So, the starting point was wikipedia [0],
which feed into the fsfe card [1], and the place to buy it from [2].
0: http://en.wikipedia.org/wiki/OpenPGP_card
1: http://www.fsfe.org/en/card
2: http://www.kernelconcepts.de/en/shop/products/security.shtml?hardware
Unfortunately, this is expensive for people not in europe, so I
want looking for compatible hardware. The GnuPG howto[3] has an
(incomplete, old) list of hardware, but the libccid[4] page has an updated
list of hardware. This was good, I can see lots of things that are
available this side of the pond.
3: http://www.gnupg.org/howtos/card-howto/en/ch02s02.html
4: http://packages.debian.org/unstable/libs/libccid
I was also pointed to the M.U.S.C.L.E. page (Movement for the
Use of Smart Cards in a Linux Environment) [5], and mailing list
archives for muscle[6] -- I have yet to read them, but on skimming there
seems to be a lot of useful information can be gleaned from them
5: http://www.linuxnet.com/info.html
6: http://archives.neohapsis.com/archives/dev/muscle/
I found a FAQ [7] for opensc, and other software[8], [9] for
supporting smart card readsers in Debian.
7: http://www.opensc-project.org/faq.html
8: http://pcsclite.alioth.debian.org/
9: https://alioth.debian.org/frs/?group_id=30112
Now, the issue about hardware that people in the US can buy, and
the cards that the supported readers can read. [3] amd [4] above do not
talk about cards, so I was happy to find [10], which has a whole slew
of free software supported hardware that people in the USA can get.
10: http://www.usasmartcard.com/index.php?option=com_virtuemart&page=shop.browse&category_id=22&keyword=&manufacturer_id=0&Itemid=26&orderby=product_name&limit=50&limitstart=0
I also found keyboards [11], [12] (not sure if [12] is
supported), and some supported USB card readers [13], [14] (though 14
might be obsoleted and out of stock).
11: http://www.cdw.com/shop/products/default.aspx?EDC=651161
12: http://www.cdw.com/shop/products/default.aspx?EDC=823253
13: http://www.cdw.com/shop/products/default.aspx?EDC=1044563
14: http://www.cdw.com/shop/products/default.aspx?EDC=570512
There is even information for people wanting to code to these
cards [15], [16]
15: http://www.linuxnet.com/musclecard/index.html
16: http://web.inf.tu-dresden.de/~ko189283/MuscleCard/MuscleCardArticle.html
manoj
http://del.icio.us/srivasta/smartcard
--
As flies to wanton boys are we to the gods; they kill us for their
sport. Shakespeare, "King Lear"
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: