making the X.509 infrastructure available for OpenPGP

Werner Koch wk at
Wed Feb 5 11:23:24 CET 2014

On Wed,  5 Feb 2014 04:15, mailinglisten at said:

> Wow. Does that mean that PGP can verify OpenPGP keys with X.509 
> certificates (in combination with a related OpenPGP certificate)? Or is 
> this just a "theoretical" feature?

IIRC, the PGP desktop client also integrated an IPsec client and thus
they needed key management for IKE.  Merging this into the PGP key
manager was easier for them.

> Are there reasons (beside the obvious effort and work budget) for not 
> having implemented this in GnuPG?

Checkout GPA, Claws, Kleopatra, GpgOL, or GpgEX - they integrate it.  In
general it does not make sense to use the same key - there is no
advantage.  For smartcards this is a different story, though.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list