I really like your " The Nitrokey Family" table on your www.nitrokey.com site. Also that the fact sheets are available and a very good comparison of the different features. Only one thing I miss is the type of secure card you are using as this makes a difference which software could be used.
In some of the fact sheets it is mentioned ( e.g. OpenPGP Card Version 3 for the NitrokeyPro 2 or OpenPGP Card V2 with ECC for the start) For HSM or Storage 2 I have not found the information ?
I know it is minor, but could be helpful when you try some software which ends up in “oh, this card doesn’t support this …” - “grml!#*+”
For Nitrokey Storage, that information is stated in the factsheet. For Nitrokey HSM, it’s lacking indeed (it is latest SmartCard-HSM 3.3 as of now). I’m a bit reluctant to add such information to the family table on the front page because I think it’s a detail which better fits into the factsheet rather than to enlarge the large table even further.
While I understand that some detailed information may be too detailed for the table, it is also missing in the fact sheets.
I did a short mindmap comparison of the fact sheets and found some points I stumbled
- The structure has slightly changed between the models. Which is normal as it also shows the timeline of development. E.g. Storage 2 / Pro 2 mention Windows twice: under Applications and also under OS Systems. Later (HSM2, Start, FIDO2, FIDO U2F) the first entry is gone.
- The same kind of duplication is happening for the Key algo’s : Start / HSM have a generic mentioning, while Storage/Pro combine that wit the key length ( which is duplicated for Start/HSM)
- You also switched from TRNG to RNG ? Pro2 / Storage 2 mention the Speed, while HSM miss that but mention the quality ?
- For HSM you mention calculation speeds generic and for key creation. This is not mentioned for any other Nitrokey ? You have mentioned for one key in the description that 4096 will take 8 sec. (for what ?)
- Firmware Updates possibilities are not consistent described ( mentioned for FIDO2 , but also possible for Storage2, HSM and Pro (?) )
- For HSM2 I would add also the following Standards to your first section: DKEK, CVC BSI-TR-03110, PCI-DSS, Certificate Authority regarding Standard xxx
- As as Userinterface you mention LED’s with 1-3 colors, but I miss the color coding/function (same with touch-button where available)
In the table I would correct the number “xx” of HSM Keys to “max. xx” as this depends on the size of the keys.
All above are minor details and not in anyway critical for the usage. I just stumbled that some things are working with one card, while others not.