diff --git a/g10/call-agent.c b/g10/call-agent.c
index 6ee82a5a4..463050638 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -704,6 +704,10 @@ learn_status_cb (void *opaque, const char *line)
       xfree (parm->private_do[no]);
       parm->private_do[no] = unescape_status_string (line);
     }
+  else if (keywordlen == 3 && !memcmp (keyword, "KDF", 3))
+    {
+      parm->kdf_do_enabled = 1;
+    }
 
   return 0;
 }
diff --git a/g10/call-agent.h b/g10/call-agent.h
index 7314ae87b..d7f102c2e 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -71,6 +71,7 @@ struct agent_card_info_s
     unsigned int kdf:1;    /* KDF object to support PIN hashing available.  */
   } extcap;
   unsigned int status_indicator;
+  int kdf_do_enabled;      /* Card has a KDF object */
 };
 
 
@@ -192,14 +193,14 @@ gpg_error_t agent_keywrap_key (ctrl_t ctrl, int forexport,
 gpg_error_t agent_import_key (ctrl_t ctrl, const char *desc,
                               char **cache_nonce_addr, const void *key,
                               size_t keylen, int unattended, int force,
-			      u32 *keyid, u32 *mainkeyid, int pubkey_algo);
+                              u32 *keyid, u32 *mainkeyid, int pubkey_algo);
 
 /* Receive a key from the agent.  */
 gpg_error_t agent_export_key (ctrl_t ctrl, const char *keygrip,
                               const char *desc, int openpgp_protected,
                               char **cache_nonce_addr,
                               unsigned char **r_result, size_t *r_resultlen,
-			      u32 *keyid, u32 *mainkeyid, int pubkey_algo);
+                              u32 *keyid, u32 *mainkeyid, int pubkey_algo);
 
 /* Delete a key from the agent.  */
 gpg_error_t agent_delete_key (ctrl_t ctrl, const char *hexkeygrip,
diff --git a/g10/card-util.c b/g10/card-util.c
index dc4c0e646..45ae3ddb4 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -612,6 +612,11 @@ current_card_status (ctrl_t ctrl, estream_t fp,
       tty_fprintf (fp,    "PIN retry counter : %d %d %d\n",
                    info.chvretry[0], info.chvretry[1], info.chvretry[2]);
       tty_fprintf (fp,    "Signature counter : %lu\n", info.sig_counter);
+      if (info.extcap.kdf)
+        {
+          tty_fprintf (fp, "KDF setting ......: %s\n",
+                       info.kdf_do_enabled ? "on" : "off");
+        }
       tty_fprintf (fp, "Signature key ....:");
       print_sha1_fpr (fp, info.fpr1valid? info.fpr1:NULL);
       if (info.fpr1valid && info.fpr1time)