openPGP vs x509

Anonymous Sender anonymous at
Wed Apr 14 08:18:55 CEST 2004

Werner Koch:
> TLS provides such a mechanism but sane users don't hand their money
> over to Verisign for a user certificate.  I don't know whether
> browsers support this at all.

'curl' and 'libcurl' do support TLS client authentication:
$ curl --help|grep cert
 -E/--cert <cert[:passwd]> Specifies your certificate
                           file and password (HTTPS)
    --cert-type <type> Specifies certificate file type (DER/PEM/ENG) (HTTPS)
    --cacert <file> CA certifciate to verify peer against (SSL)
 -k/--insecure      Allow curl to connect to SSL sites without certs (H)

Stunnel, which also supports client authentication, can be used 
with browsers that do not support it natively...

More information about the Gnupg-users mailing list