[Freedombox-discuss] Announcing Santiago Release Candidate 1
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon May 21 20:39:05 UTC 2012
On 05/20/2012 10:00 AM, Michael Rauch wrote:
>> Has anyone looked into using PGP keys as SSL certificates?
>
> Monkeysphere [0] can create a pgp-cert based on the an existing X.509
> cert by extracting its RSA key.
>
> There's a post on Stackoverflow [1] about doing it the other way around,
> creating a X.509 cert based on a pgp-cert.
>
> 0: http://web.monkeysphere.info/doc/host-keys/
> 1:
> http://stackoverflow.com/questions/4061319/is-it-possible-to-create-an-ssl-certificate-out-of-a-pgp-public-private-key
>
> 2:
> https://svn.java.net/svn/sommer~svn/trunk/misc/FoafServer/pgpx509/src/net/java/dev/sommer/foafserver/utils/PgpX509Bridge.java
RFC 6091 defines a way to use OpenPGP certificates instead of X.509
certificates for TLS sessions:
https://tools.ietf.org/html/rfc6091
You might also be interested in this discussion n the monkeysphere list
about generating X.509 certificates that refer directly back to their
OpenPGP origin:
https://lists.riseup.net/www/arc/monkeysphere/2011-03/msg00027.html
hth,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20120521/33d07adb/attachment.pgp>
More information about the Freedombox-discuss
mailing list