Alphax wrote:
Zeljko Vrba wrote:Joe Smith wrote:For example, your CA can revoke your key leaving you with one key that is invalid X.509, but valid OpenPGP? Yuck!Using the X.509 cert and OpenPGP public key (having the same private key) could be useful in the following scenario:Is that even allowed??
In what sense allowed? PKCS#11 know nothing about policies.. It just exposes a set of objects on the card (certificate, public and private keys and maybe some other data objects along with certificates). The application is free to do whatever it wants with these objects, given sufficient authentication to the card (PIN). Technically, there is nothing CA can do to prevent you to use your X.509 keys as OpenPGP keys.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
