making the X.509 infrastructure available for OpenPGP

Peter Lebbing peter at
Tue Feb 4 19:38:07 CET 2014

On 04/02/14 17:09, Daniel Kahn Gillmor wrote:
> If there is a public CA that is willing to offer OpenPGP certificates, i
> would like to know about it (whether they offer them with the same key they
> use for their X.509 activities or not).

FWIW, CACert signs OpenPGP keys of verified people with key 0xD2BB0D0165D0FD58
if you want them to. Since it's 1024-bit DSA, it's a bit dated in some respects.
And CACert still isn't in the default trusted root bundle on quite some systems,
I believe.

With regard to this discussion: I'd rather see the CA model replaced by
something a little more trustworthy than extending the trust in that broken
model to OpenPGP. Monkeysphere comes to mind.



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list