Differences: OpenPGP vs. X.509

Stefan X stefanxe at gmx.net
Thu Jan 15 17:54:20 CET 2009


Thanks for the explanation.

Are there any thoughts on my questions in my previous mail, which is:
If both formats have very similar sets of features, it really does not
make sense for me to have both formats available. Instead
interoperability between different systems would be better with a single
format. Better and easier interoperability could also result in a wider
distribution of encryption-usage overall. Thus I am wondering if there
are any efforts to synchronize or unite both formats? If not, which
strategies/options may be appropriate to go in this way (e.g. embed one
format into the other, using the same key parameters etc.)?

Werner Koch schrieb:
> On Wed, 14 Jan 2009 13:36, stefanxe at gmx.net said:
> 
>> Also I came to this question by having a X.509 smart card which I would
>> like to use with OpenPGP/gnupg. Is there any practical tool to convert
>> the key parameters in such case?
> 
> That uis not possible.  gpg does only support the OpenPGP card - adding
> support for arbitrary cards is a too complicated and does not make much
> sense to me.  The other way around it works nicely: You can use an
> OpenPGP card for X.509; in particular for an TLS user certificate.  see
> www.scute.org.
> 
>> Also I saw that GnuPG 2 is able to use X.509 but to which extend and
>> does it allow any interoperability between both formats?
> 
> For Secure Shell (OpenPGP, Belpic, some other pkcs#15 cards and soon
> Netkey 3.).  Also of course for S/MIME.
> 
> 
> Salam-Shalom,
> 
>    Werner
> 



More information about the Gnupg-devel mailing list