gnutls + openpgp

Peter Williams home_pw at
Sat Nov 3 21:55:19 CET 2012

So what are they doing ... That cannot be done within the existing type definer?

If folks need an extension, there are two reasons: 

1) the concept needs replacing (eg define life do pgp Certs are undefinable)

2) one needs the tcp or http stack to be doing interpretation, before connect establish.

I can guess this is related to dnssec, preventing connection establish if the tcp engine cannot confirm the new-cert is registered by DNs

All part of the militarization of the web, I suspect. 

Sent from my iPhone

On Nov 3, 2012, at 12:26 PM, "Nikos Mavrogiannopoulos" <nmav at> wrote:

> Hello,
> It seem that the IETF TLS working group is defining a new certificate
> type extension, which in short makes the openpgp certificate type
> extension obsolete. The authors of the new draft are not very keen into
> adding the openpgp key type into the new certificate type extension,
> based on the fact that this is not widely used. So my question is does
> it really make sense to pursue that? Are there applications using gnutls
> with openpgp keys?
> And even more, if it is shown they are not widely used, does it make
> sense to support openpgp keys in gnutls at all?
> regards,
> Nikos
> _______________________________________________
> Gnutls-devel mailing list
> Gnutls-devel at

More information about the Gnutls-help mailing list