gnutls + openpgp

Matthias-Christian Ott ott at
Sun Nov 4 19:44:43 CET 2012

On 2012-11-03 20:26, Nikos Mavrogiannopoulos wrote:
> And even more, if it is shown they are not widely used, does it make
> sense to support openpgp keys in gnutls at all?

Despite of mod_gnutls I'm not aware of any software that supports it. I
tried to make Mozilla aware of TLS with OpenPGP [1], but (I think) there
seems to be no interest and getting support for this into NSS didn't
seem "politically" easy. So it's a chicken and egg problem.

I wouldn't remove it, because otherwise X.509 is the only means of
authentication in TLS (I think everything in the X.509 vs. OpenPGP
debate has been said and both have their practical reasons for
existence). Perhaps draft-ietf-tls-oob-pubkey is a compromise.



More information about the Gnutls-help mailing list