Differences: OpenPGP vs. X.509

Stefan X stefanxe at gmx.net
Sat Jan 24 18:03:23 CET 2009 

I agree with you that the methods typically used with X.509 and OpenPGP
differ and also you are right that X.509 is supported by several Open
Source applications.

So I understand we agree that both formats itself are not differing in
its features. Instead the implementations and the practiced methodes
differ a lot. As explained before I see huge benefits in case one format
would be used instead of two. But it seems that there is few awareness
about it and no kind of declared goal or even roadmap to achieve it. For
my understanding the best starting point would be to have applications
and libraries which provide same functionality with/for both types of
formats.

I know that gnupg is able to handle X.509 to some extend and I guess it
is not full featured. Will gnupg be able to use X.509 in all features
somewhere in the future?


Bernhard Reiter schrieb:
> On Dienstag, 20. Januar 2009, Stefan X wrote:
>>  But to be able to use it also
>> for private email encryption, such discussed interoperability with
>> OpenPGP and also with Open Source applications will be important.
> 
> But note that Free Software can do S/MIME with the cards just fine.
> (E.g. KMail/Kontact via gpgme and thus GnuPG2's gpgsm.)
> So Free Software is technically compatible to S/MIME already.
> 
> The biggest obstacles are good configuration and administration.
> Of course distributors could help a lot with good configuration.
> 
> As I explained before, it is important for people to understand what a 
> specific signature means. Currently the differences for S/MIME and OpenPGP 
> are wide on the average. So when building a user interface, I personally 
> suggest to keep S/MIME and OpenPGP usage visible and distinct.
> This caters much better to the internal and practical limits that each of the
> methods currently have. 
> 
> Bernhard
> 
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel

More information about the Gnupg-devel mailing list