Yubico Forum :: View topic - [QUESTION] NDEF configuration and OpenPGP card AID

Hello all and merry Christmass !
b) OpenPGP card has 0 for card manufacturer (test card) and 00000001 for serial number and it seems that this happens on all Yubikey NEOs. I read on github that you have an assigned manufacturer ID (06) and that the idea is to use Yubikey's serial as the OpenPGP card's serial on card's AID. So will you update your build script to e.g. run ykinfo -s to get the serial number and create a unique AID each time the applet gets uploaded on the NEO ? If I do this manualy (because I plan on updating the applet from available source on github) and set manufacturer ID to 06 and serial to my NEO's serial will that be futureproof or you have an alternative strategy ?

Thanks a lot for your time :-)

Hello all and merry Christmass !

b) OpenPGP card has 0 for card manufacturer (test card) and 00000001 for serial number and it seems that this happens on all Yubikey NEOs. I read on github that you have an assigned manufacturer ID (06) and that the idea is to use Yubikey's serial as the OpenPGP card's serial on card's AID. So will you update your build script to e.g. run ykinfo -s to get the serial number and create a unique AID each time the applet gets uploaded on the NEO ? If I do this manualy (because I plan on updating the applet from available source on github) and set manufacturer ID to 06 and serial to my NEO's serial will that be futureproof or you have an alternative strategy ?

Thanks a lot for your time :-)

MickFlemm wrote:

Hello all and merry Christmass !

b) OpenPGP card has 0 for card manufacturer (test card) and 00000001 for serial number and it seems that this happens on all Yubikey NEOs. I read on github that you have an assigned manufacturer ID (06) and that the idea is to use Yubikey's serial as the OpenPGP card's serial on card's AID. So will you update your build script to e.g. run ykinfo -s to get the serial number and create a unique AID each time the applet gets uploaded on the NEO ? If I do this manualy (because I plan on updating the applet from available source on github) and set manufacturer ID to 06 and serial to my NEO's serial will that be futureproof or you have an alternative strategy ?

Thanks a lot for your time :-)

We are doing some thinking around this. This will probably be addressed in the next release of the firmware, we will consider providing you with a script to do that.

Author:	MickFlemm [ Tue Dec 24, 2013 5:04 pm ]
Post subject:	[QUESTION] NDEF configuration and OpenPGP card AID
Hello all and merry Christmass ! I'm back for holidays and I decided to play with the NEO a little bit. So my NEO is 3.0.3 and I have the following questions: a) I tried to programm slot 2 to have a static password and then programm NDEF to export the static password from slot 2 instead of the OTP from slot 1. I used the personalization tool, selected slot 2 and pressed program. Nothing happened, I even tried switching to text from URI but still nothing. It seems it's hardcoded to always use slot 1 and use the original url. I had to re-programm slot 1 to contain the static password and use slot 2 for OTP (new key, uploaded on the server) to make it work (now NDEF exports the static password instead of the OTP). So is this normal, e.g. is this feature supported only on newer firmware versions or did I do something wrong ? b) OpenPGP card has 0 for card manufacturer (test card) and 00000001 for serial number and it seems that this happens on all Yubikey NEOs. I read on github that you have an assigned manufacturer ID (06) and that the idea is to use Yubikey's serial as the OpenPGP card's serial on card's AID. So will you update your build script to e.g. run ykinfo -s to get the serial number and create a unique AID each time the applet gets uploaded on the NEO ? If I do this manualy (because I plan on updating the applet from available source on github) and set manufacturer ID to 06 and serial to my NEO's serial will that be futureproof or you have an alternative strategy ? Thanks a lot for your time

Author:	guyome [ Wed Jan 15, 2014 11:00 pm ]
Post subject:	Re: [QUESTION] NDEF configuration and OpenPGP card AID
MickFlemm wrote: Hello all and merry Christmass ! b) OpenPGP card has 0 for card manufacturer (test card) and 00000001 for serial number and it seems that this happens on all Yubikey NEOs. I read on github that you have an assigned manufacturer ID (06) and that the idea is to use Yubikey's serial as the OpenPGP card's serial on card's AID. So will you update your build script to e.g. run ykinfo -s to get the serial number and create a unique AID each time the applet gets uploaded on the NEO ? If I do this manualy (because I plan on updating the applet from available source on github) and set manufacturer ID to 06 and serial to my NEO's serial will that be futureproof or you have an alternative strategy ? Thanks a lot for your time Any update on this ? How can we change the opengpg AID of NEO ? Should we modify the code and recompile the applet ? Thanks !

Author:	Tom [ Thu Jan 16, 2014 8:34 am ]
Post subject:	Re: [QUESTION] NDEF configuration and OpenPGP card AID
MickFlemm wrote: Hello all and merry Christmass ! b) OpenPGP card has 0 for card manufacturer (test card) and 00000001 for serial number and it seems that this happens on all Yubikey NEOs. I read on github that you have an assigned manufacturer ID (06) and that the idea is to use Yubikey's serial as the OpenPGP card's serial on card's AID. So will you update your build script to e.g. run ykinfo -s to get the serial number and create a unique AID each time the applet gets uploaded on the NEO ? If I do this manualy (because I plan on updating the applet from available source on github) and set manufacturer ID to 06 and serial to my NEO's serial will that be futureproof or you have an alternative strategy ? Thanks a lot for your time We are doing some thinking around this. This will probably be addressed in the next release of the firmware, we will consider providing you with a script to do that.

Author:	thomasb9511 [ Fri Oct 17, 2014 9:00 pm ]
Post subject:	Re: [QUESTION] NDEF configuration and OpenPGP card AID
Any update on this Tom wrote: MickFlemm wrote: Hello all and merry Christmass ! b) OpenPGP card has 0 for card manufacturer (test card) and 00000001 for serial number and it seems that this happens on all Yubikey NEOs. I read on github that you have an assigned manufacturer ID (06) and that the idea is to use Yubikey's serial as the OpenPGP card's serial on card's AID. So will you update your build script to e.g. run ykinfo -s to get the serial number and create a unique AID each time the applet gets uploaded on the NEO ? If I do this manualy (because I plan on updating the applet from available source on github) and set manufacturer ID to 06 and serial to my NEO's serial will that be futureproof or you have an alternative strategy ? Thanks a lot for your time We are doing some thinking around this. This will probably be addressed in the next release of the firmware, we will consider providing you with a script to do that. Any update on this?

Author:	Tom [ Mon Oct 20, 2014 7:38 am ]
Post subject:	Re: [QUESTION] NDEF configuration and OpenPGP card AID
Yes, all Yubikey NEOs are shipped with serial number now.

Yubico Forum https://forum.yubico.com/

[QUESTION] NDEF configuration and OpenPGP card AID https://forum.yubico.com/viewtopic.php?f=26&t=1266	Page 1 of 1

Author:	Tom [ Mon Oct 20, 2014 7:39 am ]
Post subject:	Re: [SOLVED] NDEF configuration and OpenPGP card AID
Yes, all Yubikey NEOs are shipped with serial number now.

Page 1 of 1	All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/