After fighting two days with GnuPG Tools and the NK Pro, I would like to ask for an option to disable the question for UserPin when the NK is the first time used.
Currently it is possible to disable forced pin for signatures. In the same way it should be possible to disable the UserPin request , when the card is used the first time. That would made life a bit easier in a secure environment.
Today this is only possible with scripting the scdaemon (verify to pre-fill cache) and max the ttl of the cached pin and either provide the pin stored in a script or use e.g. a OS KeyChain to secure save the UserPin.
I am not sure if this needs to build into the openpgp card app or the communication wrapped around