I ran into a problem which I couldn't find any solution in the docs.
A very secure computer A, a less secure computer B, an openpgp card (e.g.
yubico), all completely fresh installed/clean/empty.
The key pair is to be generated and kept on computer A, and put on the openpgp
card using computer A.
The key is then to be used on computer B by using the openpgp card.
The procedure by design is that A would upload the pubkey to a keyserver (or
export as a file) after key generation. When connecting the card to B, B doesn't
know about the key yet, but through gpg --card-edit and fetch (or importing a
pubkey file), B would learn about the pubkey and then learn from the openpgp
card about available keys and create it's secret key files which are in fact
just stubs pointing to the openpgp card.
That works as expected and described in the docs.
But it contradicts itself.
If A is to be kept *really* secure, it must not have any network contact and not
export any files from the point of time where the keys is generated. It
therefore cannot upload anything to keyservers and not export any pubkey files.
Now there are two problems (with some aspects of chicken-and-egg):
- B can never learn about the availability of the secret keys on the openpgp
card, since it accepts secret keys on cards only after having the pubkeys.
- There is no way to publish (or even have outside A) the pubkey/ID of the key.
Therefore, gnupg running on B should be able to
- learn about secret keys even in absence of the pubkey
- should be able to generate the pubkey with a given ID (as in the key creation
At least I did not find anything about that in the docs.
The current way to force the computer which generates the pubkeys to contact key
servers or export files is by design not really secure.