Ägypten with S/MIME and OpenPGP

Simon Josefsson jas@extundo.com
Fri Nov 2 20:48:01 2001


Jan-Oliver Wagner <jan@intevation.de> writes:

> On Tue, Oct 30, 2001 at 08:51:19PM +0100, Simon Josefsson wrote:
>> Jan-Oliver Wagner <jan@intevation.de> writes:
>> > On Thu, Oct 25, 2001 at 06:51:48PM +0200, Jan Petranek wrote:
>> >> My interest lies more to the issue, how implementing both (OpenPGP and
>> >> S/MIME) format would effect public-key-infrastructures.
>> >
>> > in the first instance it can't have an effect on pki.
>> > pki with OpenPGP and S/MIME are two separate worlds.
>> 
>> There's no reason it has to be that way, I believe proprietary PGP
>> implementations already support X.509 certificate syntax, so OpenPGP
>> and S/MIME aren't that far away from each other.
>
> I more thought of the philosophy pkis can work (strictly
> hierarchical or distributed) and the question for what
> purposes they actually should be used in our society/economy?

A flexible PKI framework should support either philosophy, and if you
did this, you might implement the first PGP-style use of PKIX
certificates and vice versa which would be a good thing.  IMHO, the
low-level data blobs (PGP or X.509) should not, and do not,
necessarily determine what PKI philosophy you use.