[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: open-pgp / s/mime interoperability



Adam Back <[email protected]> writes:
>Peter Gutmann writes:
>>>open-pgp public keys aren't based on X.509 keys, so I would've thought
>>>s/mime implementation would barf on them.  
>> 
>>Actually S/MIME *could* support the use of PGP keys, but there's a field
>>(the SubjectKeyIdentifier) missing from the CMS SignerInfo which prevents
>>this.  
 
>Surely this in itself should be a compelling argument for inclusion of the 
>SubjectKeyIdentifier?  
 
I'm trying to get this adopted for CMS, the underlying data format for 
S/MIME.  The silly thing about this is that alternative key identifiers (like 
PGP keys) were going to be included in RSADSI's PKCS7v2, but aren't included 
in the IETF version of the same thing.  The result is that you have a private 
company going out of its way to accomodate open standards, and the IETF going 
out of its way to lock them out.  Weird.
 
>If it allows conversion of PGP keys into S/MIME X.509 keys.
 
You don't need this conversion, with key identifiers you can use both SPKI and 
PGP keys directly within S/MIME.  There's no need to convert them into an 
X.509-like format first.
 
Peter.