Differences: OpenPGP vs. X.509
Stefan X
stefanxe at gmx.net
Thu Jan 15 17:54:20 CET 2009
Thanks for the explanation.
Are there any thoughts on my questions in my previous mail, which is:
If both formats have very similar sets of features, it really does not
make sense for me to have both formats available. Instead
interoperability between different systems would be better with a single
format. Better and easier interoperability could also result in a wider
distribution of encryption-usage overall. Thus I am wondering if there
are any efforts to synchronize or unite both formats? If not, which
strategies/options may be appropriate to go in this way (e.g. embed one
format into the other, using the same key parameters etc.)?
Werner Koch schrieb:
> On Wed, 14 Jan 2009 13:36, stefanxe at gmx.net said:
>
>> Also I came to this question by having a X.509 smart card which I would
>> like to use with OpenPGP/gnupg. Is there any practical tool to convert
>> the key parameters in such case?
>
> That uis not possible. gpg does only support the OpenPGP card - adding
> support for arbitrary cards is a too complicated and does not make much
> sense to me. The other way around it works nicely: You can use an
> OpenPGP card for X.509; in particular for an TLS user certificate. see
> www.scute.org.
>
>> Also I saw that GnuPG 2 is able to use X.509 but to which extend and
>> does it allow any interoperability between both formats?
>
> For Secure Shell (OpenPGP, Belpic, some other pkcs#15 cards and soon
> Netkey 3.). Also of course for S/MIME.
>
>
> Salam-Shalom,
>
> Werner
>
More information about the Gnupg-devel
mailing list