Werner Koch wk at
Mon Oct 31 11:14:26 CET 2005

On Sun, 30 Oct 2005 15:51:08 +0100, Christoph Anton Mitterer said:

> Goverments are often trying to restrict cryptography (see US) and also 
> here in Germany (using X.509 only which is in my opinion less secure 

There is no restriction to X.509 in Germany.  It just a matter of fact
that the very few signature law conforming CAs do X.509.  If some CA
decides to go for OpenPGP, they would just need to convince the
Bundesnetzagentur to setup the required infrastructure and Mircosoft
to support OpenPGP (the latter is the far more problematic thing).

> than OpenPGP as its using a hierarchical certificate system).

There is no indication at all that OpenPGP is stronger than X.509/CMS.
OpenPGP allows very well for a hierarchical certificate system.



More information about the Gnupg-users mailing list