converting gpg files into PEM and certification change confusion

Werner Koch wk at gnupg.org
Fri Sep 28 07:48:08 CEST 2018


On Thu, 27 Sep 2018 22:34, gnupg-users at gnupg.org said:

> OpenPGP ones. Likewise openssl is used to work with X.509 certs,
> /etc/ssl/certs/ca-bundle.crt contains X.509 certs too.

FWIW: GnuPG also supports X.509 and CMS (aka S/MIME) you have to use the
gpgsm tool, which is similar to gpg as far as possible.  However, the
X.509 and OpenPGP protocols are quite different in that they use
different formats and that OpenPGP is a _functional_ superset of X.509.

It is not possible to mix both protocols.  There is one exception: With
a bit of magic it is possible to use a key stored on a a smartcard by
both protocols.  This is because down at the lowest math level both use
the same algorithms.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180928/f94ce280/attachment.sig>


More information about the Gnupg-users mailing list