Terminology - certificate or key ?

John Lane gnupg at jelmail.com
Thu Sep 29 12:23:47 CEST 2016

I was reading the FAQ and noticed that it uses the word 'certificate' to
describe what I think people commonly refer to as their 'key' (ref
gnupg-faq.html section 7.4 and 7.5) that they would upload to a 'key

* A certificate is a large data structure that contains one or more
/keys/, and optionally information that identifies the user, designated
revokers, who has vouched for this certificate, and so on.

* A keyserver is a service that publishes public-key certificates and
makes them searchable. You can upload your certificate to a keyserver so
that other users can find it.

Certificate makes sense to me (it contains multiple public keys and
other things) but common parlance uses 'key' and what should be called a
'certificate server' is called a 'key server'. The only place I've seen
it definitively called a 'certificate' is in the GnuPG documentation,
but RFC4880 casually mentions the relationship (in para

* A Public-Key packet starts a series of packets that forms an OpenPGP
key (sometimes called an OpenPGP certificate).

I was just wondering whether I've misunderstood or if there is some
historic reason for my confusion.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160929/99a3c26a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: </pipermail/attachments/20160929/99a3c26a/attachment-0001.sig>

More information about the Gnupg-users mailing list