af-anssi
commented
5 years ago I cannot recommend you a specific card. From a security point of view, I can just recommend you choose a certified card that matches those pre-requisites and the ability to load and to install an applet (with this tool for instance); it means the card uses known default keys to establish a secure channel with the issuer security domain, or you must know the custom keys that have been configured.
For an optimal use of SmartPGP, I would also recommend you to check if the Elliptic Curves Cryptography supported by the card fits your needs (supported curve sizes, on-board generation of EC keypairs); this is not mandatory even if your card supports JavaCard 3.0.4, see issue 15.
Once you identify a card that matches your needs, do not hesitate to ask us here with a reference precise enough; maybe we or @martinpaljak or @dschuermann have an instance of that card which could help you to know if it meets all requirements or not.
martinpaljak
dschuermann
I'm looking at getting started with SmartPGP and I'm not really sure which card would work best or whether all cards are created equal. I've been looking around I've seen that a
NXP J3A081is compatible.Thanks!