making the X.509 infrastructure available for OpenPGP

Hauke Laging mailinglisten at
Wed Feb 5 04:15:53 CET 2014

Am Di 04.02.2014, 21:05:10 schrieb Werner Koch:
> On Tue,  4 Feb 2014 17:09, dkg at said:
> > I don't know of a formalized way to do the other mapping, but it
> > seems like it would be pretty straightforward to embed the full
> > X.509 certificate in a notation packet on a self-sig (presumably a
> > self-sig
> PGP does this.  IIRC, Hal Finney once posted the specs for this to the
> OpenPGP WG.

Wow. Does that mean that PGP can verify OpenPGP keys with X.509 
certificates (in combination with a related OpenPGP certificate)? Or is 
this just a "theoretical" feature?

Are there reasons (beside the obvious effort and work budget) for not 
having implemented this in GnuPG?

Crypto für alle:
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140205/cf99b625/attachment-0001.sig>

More information about the Gnupg-users mailing list