alphasigmax at gmail.com
Tue Sep 6 17:32:52 CEST 2005
Janusz A. Urbanowicz wrote:
> On Tue, Sep 06, 2005 at 11:48:45PM +0930, Alphax wrote:
>>>The application is free to do whatever it wants with these objects,
>>>given sufficient authentication to the card (PIN). Technically, there is
>>>nothing CA can do to prevent you to use your X.509 keys as OpenPGP keys.
>>I think I might have seen something like that with a Thawte Freemail
>>root certificate or something... it wasn't pretty :(
> When Thawte signed PGP keys as a part of Web Of Trust program, they used the
> same key in both OpenPGP and X.509 form.
> Why you say it wasnt pretty? An actual RSA modulus is well hidden within the
> stuff so it doesn't really matter.
They converted the same key several times, so there were 3 or so keys
with the same long fingerprint, but different creation times - multiple
copies of the same key.
Is it possible to arbitrarily make an OpenPGP key with whatever keypair?
Alphax | /"\
Encrypted Email Preferred | \ / ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards
http://tinyurl.com/cc9up | / \
More information about the Gnupg-users