using gpg with private keys from openssl certificates?
Andre Amorim
decouk at gmail.com
Thu Dec 18 00:24:00 CET 2008
>X.509 (the standard used by freemail certs) and OpenPGP use the same
>underlying algorithms, but the protocols are dramatically different.
>Making them interoperate is hard, and is usually not worth it.
Robert did you already check this:
FREEICP.ORG: FREE TRUSTED CERTIFICATES BY COMBINING THE X.509
HIERARCHY AND THE PGP WEB OF TRUST THROUGH A COLLABORATIVE TRUST
SCORING SYSTEM
http://middleware.internet2.edu/pki03/presentations/02.pdf
[s]
Andre Amorim
2008/12/17 arghman <jmsachs at gmail.com>:
>
>>> * if I sign a message with that key pair, and someone challenges my
>>> identity, what's the best/easiest way for me to prove my identity?
>>
>>You can't.
>>
>>Identity cannot be proven. Evidence can be presented, but someone can
>
> s/prove/assert
>
> (at least I think assert is the right word... I couldn't think of the right
> word when I wrote that)
>
> I don't need them to interoperate, I would just like to use the same key
> pair. WoT is fine but it would be nice to have a way to assert that [X = the
> person in possession of private key K_pr = me + anyone I'm stupid enough to
> share my private key with] is both trustable via Wot, *or* by trusting a
> certificate authority. "trustable" probably not the right word but I'm a bit
> shaky on the protocol vocabulary.
> --
> View this message in context: http://www.nabble.com/using-gpg-with-private-keys-from-openssl-certificates--tp21057804p21063072.html
> Sent from the GnuPG - User mailing list archive at Nabble.com.
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
--
Andre Amorim
GnuPG KEY: 2048R/3E10FF47
Download:
http://pgp.zdv.uni-mainz.de:11371/pks/lookup?op=get&search=0x7C3B77763E10FF47
More information about the Gnupg-users
mailing list