openPGP vs x509
Kai Klesatschke
kai.klesatschke at gmx.de
Wed Apr 7 10:29:31 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
For which reasons do you want to use X509 for SSL connections?
For the ca of our university I did an inquiry about this issue and
didn't find any CA that certifies OpenPGP keys for Servers. But there
are many uncommercial CAs which certifies without any costs.
My opninion is, that the hierarchical X509 structur is more efficient
because not every client has to know about a special certificate. On the
other side, I have no idea how this should work with pgp-keys in
reality. To encrypt a connection normaly the opponents publickey is used
to encrypt and the secretkey is used to decrypt. This means, that a
server have to know all public keys of clients connecting to it. A
handshake between the server an client maybe solve this prob.
Atom 'Smasher' wrote:
| is there any development in working towards an openPGP ~type~ of framework
| for web sites (HTTPS) as an alternative to the x509 standard?
|
| one shouldn't have to pay for trust ;)
|
|
|
| ...atom
|
| _________________________________________
| PGP key - http://atom.smasher.org/pgp.txt
| 3EBE 2810 30AE 601D 54B2 4A90 9C28 0BBF 3D7D 41E3
| -------------------------------------------------
|
| "Politics would be a helluva good business
| if it weren't for the goddamned people."
| -- Richard M. Nixon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFAc7vrlJVV36J3GRMRApe8AJ9Mm+6E9+oXnne95+AN11oYU8SI6QCggB8N
iO2dxPgi9Nv5Xk7vJC1N7/Q=
=LPbu
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list