OpenPGP Card

Alphax alphasigmax at
Tue Sep 6 17:32:52 CEST 2005

Janusz A. Urbanowicz wrote:
> On Tue, Sep 06, 2005 at 11:48:45PM +0930, Alphax wrote:
>>>The application is free to do whatever it wants with these objects,
>>>given sufficient authentication to the card (PIN). Technically, there is
>>>nothing CA can do to prevent you to use your X.509 keys as OpenPGP keys.
>>I think I might have seen something like that with a Thawte Freemail
>>root certificate or something... it wasn't pretty :(
> When Thawte signed PGP keys as a part of Web Of Trust program, they used the
> same key in both OpenPGP and X.509 form.
> Why you say it wasnt pretty? An actual RSA modulus is well hidden within the
> stuff so it doesn't really matter.

They converted the same key several times, so there were 3 or so keys
with the same long fingerprint, but different creation times - multiple
copies of the same key.

Is it possible to arbitrarily make an OpenPGP key with whatever keypair?

Alphax                      |   /"\
Encrypted Email Preferred   |   \ /     ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X   Against HTML email & vCards    |   / \

More information about the Gnupg-users mailing list