On Fri, Apr 18, 2014 at 10:04:50PM +0200, Thomas Schittli wrote:
> We already have trusted Certificates from a CA. Can we use them
> instead of an additional PGP key?

Git wants a key that can be used by GnuPG, and X.509 certificates can't
be.  It invokes the gpg binary that's in your path, so X.509 integration
isn't possible unless gpg learns about it.

> We already have:
> - s/mime certificate
> - web server ssl/tls certificate
> - XMPP Jabber ssl/tls certificate
> - Object Code Signing certificate
>  
> Or if we have to use a new pgp key: can we sign it using any of our
> certificates?

Only in the sense that you can sign any arbitrary piece of text or data
with your certificates.

-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

Attachment: signature.asc
Description: Digital signature

Reply via email to