Kmail and signing
Aldo Latino
aldolat at gmail.com
Wed Mar 3 20:29:27 GMT 2021
In data martedì 2 marzo 2021 22:57:00 CET, Ingo Klöcker ha scritto:
> [...] I think you should be able
> to configure your YubiKey to ask for the PIN for every signing operation if
> that's what you want.
I changed the behaviour. Now GnuPG asks me the PIN for every signing
operation.
> > I should see if I can have both the OpenPGP
> > key and the S/MIME certificate in my Yubikey, which is very convenient to
> > use.
>
> The upcoming GnuPG 2.3 will support the PIV smartcard application
> additionally to the OpenPGP smartcard application. If your YubiKey supports
> the PIV application (my YubiKey 5 does), then you could store your S/MIME
> certificate on your YubiKey additionally to your OpenPGP keys. If I
> remember correctly, then uploading the signing key to the PIV application
> is not possible because the PIV specification requires the signing key to
> be generated on-card. The encryption key/certificate can be uploaded to the
> PIV application.
I managed to upload my S/MIME certificate in the slot 9c of my YubiKey 4, which
supports the PIV application.
Is there a way to use the S/MIME certificate stored in the YubiKey, instead of
the certificate imported in Kleopatra? I would like to enter a PIN instead of
the passphrase for every signing operation.
Thank you, Ingo, for your help. Much appreciated.
--
Aldo Latino
aldolat at gmail.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kdepim-users/attachments/20210303/92ac76ad/attachment.sig>
More information about the kdepim-users
mailing list