Menu
▾
▴
[Opensc-devel] OpenSC and Yubikey 4 (OpenPGP)
|
From: Grzegorz K. <gk...@le...> - 2017-12-31 00:43:58
|
Hello, Excuse me if it was answered before but I can't find it anywhere. Also excuse my ignorance in SC standards and protocols. I think that OpenSC supports normal OpenPGP cards for some time, directly, without software like scute. For example there is openpgp-tool and with opensc-pkcs11.so programs like Firefox can access OpenPGP card as a key/cert store for TLS client certificate auth. Yubikey 4 is supposed to emulate OpenPGP card (and support other protocols, including PIV and U2F). But openpgp-tool doesn't seem to work with Yubikey 4 and opensc-pkcs11.so loaded in Firefox seems to only discover PIV side of Yubikey 4. Also https://github.com/sektioneins/micro-ca-tool does not seem to talk with Yubikey 4, probably because OpenSC doesn't recognize it as OpenPGP card. Since in our organization we care about compatibility with "normal" OpenPGP cards, we want to configure OpenSC to support Yubikey 4 as a normal OpenPGP card (in addition or instead of PIV). Is it possible? If not: why? If yes: how? Thank you in advance. -- Grzegorz Kulewski |
