Open jans23 opened 1 year ago
I don't think this is part of the standard. It is part of Gnuk under the name "admin less" mode, which is entered by changing the user PIN away from the default before changing the admin PIN.
I think this is a pretty confusing feature. It is enabled by doing an action that gives no indication that it enables this, and there is no UI to report this.
I think at best a compromise would be to enable it explicitly through nitropy or the Nitrokey app instead of doing it implicitly.
Explicit configuration sounds good
Would it be problematic for the client software, if Single PIN would be made the default behavior?
No. However, it would be very confusing for someone used to other GPG smartcards, and the UI would still ask for both PINs when only one is expected.
I do agree that this is a feature that makes a lot of sense though, and I understand why Gnuk does it this way: if you change the user PIN but keep the admin PIN default, you can still reset the user PIN using the default admin PIN, which can be dangerous for a user that doesn't think about changing the admin PIN.
> No. However, it would be very confusing for someone used to other GPG smartcards, and the UI would still ask for both PINs when only one is expected.
That's true, but perhaps indifferent for the low-tech user. The target audience for this solution is a person not used to smart cards, hence it sounds sensible to make it a default. This solution is similar to FIDO2 single PIN.
The OpenPGP Card specification allows unifying the User PIN and Admin PIN. This would be a nice feature for Opcard.