Submitted by Anonymous on 29. novembre 2024 - 13:16
1) Could it be that the reason why your competitor doesn't allow updating firmware is that will allow an attacker to flash their malicious firmware when the key is plugged into computer? Is that a concern? If not: does Nitrokey today not allow that because it checks if the firmware is signed by the company Nitrokey?
2) When would Nitrokey support curve 448 keys for PGP keys? This matters more for those who do not believe curves where NIST had more control.
3) Given there is schism between OpenPGP (=sequoia pgp) and LibrePGP (=gpg), would Nitro support both keys in future?
1) Could it be that the reason why your competitor doesn't allow updating firmware is that will allow an attacker to flash their malicious firmware when the key is plugged into computer? Is that a concern? If not: does Nitrokey today not allow that because it checks if the firmware is signed by the company Nitrokey?
2) When would Nitrokey support curve 448 keys for PGP keys? This matters more for those who do not believe curves where NIST had more control.
3) Given there is schism between OpenPGP (=sequoia pgp) and LibrePGP (=gpg), would Nitro support both keys in future?