[Gnuk-users] factory-reset
Jan Suhr
jan at nitrokey.com
Tue Oct 11 07:58:19 UTC 2016
Dear Niibe!
As you know we provide Nitrokey Start which is flashed with Gnuk 1.0. In
general its working fine except one issue: Once all PINs are locked the
device can't be reset easily. In consequence users who face this issue
(and who usually don't want to flash the device themself) needs to
return the device to us. Of course not all users are experts so that
unfortunately many users are facing this issue.
If in the future we ship the more attractive Gnuk 1.2 I'm afraid that
even more users will block their device. From my perspective it would be
much better if Gnuk behaves like original OpenPGP Card which can be
factory-reset without any PIN. Of course you have your good reasons to
built Gnuk as it is. Perhaps it would be a solution to provide a
compilation option to enable/disable device reset?
Alternatively: I don't know the end-to-end use case for the reset code.
Is it desired for enterprise scenarios where the company provides Gnuk
devices to their employee? What I have in mind is: Would it be an option
to change reset code so that it could trigger a factory-reset?
Please let me know what you think.
Best regards,
Jan
More information about the gnuk-users
mailing list