Differences: OpenPGP vs. X.509

Werner Koch wk at gnupg.org
Wed Jan 14 11:18:32 CET 2009

On Wed, 14 Jan 2009 09:01, stefanxe at gmx.net said:

> Does it mean theoretically it would possible to convert a)
> keys/certificates and b) encrypted or signed messages between OpenPGP
> and X.509 without serious problems (e.g. loss of information)?

No, that is not possible.  You can use the same key parameters with
OpenPGP and X.509 (I do this sometimes with smartcards). However it
gives you nothing because the value of a certificate (keyblock in
OpenPGP parlance) is that other information is associated with the key
and that information is bound to the key by a digital signature.  This
signature is either X.509 or OpenPGP.  You can't convert one signature
into another one.



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-devel mailing list