[libvirt] virtual smartcard support for GPG backend?
roky at openmailbox.org
roky at openmailbox.org
Sun Apr 26 13:28:29 UTC 2015
Hi. I am trying to get a virtual smartcard attached to a vm but I want
it to use GPG instead of NSS. RedHat focuses on NSS becuase of PKCS#11
requirements and FIPS approval, but for most of the community its GPG
that matters for smartcards.
Is is possible to use GPG on the host instead of NSS with virtual
smartcards? Please document how or add support for it.
Is using a virtual smartcard make the host less secure from a rogue vm?
If there are bugs in GPG/NSS backend on the host can they be abused by
untrusted code in the vm?
More information about the libvir-list
mailing list