On Tue, Oct 10, 2017 at 08:40:38AM +, ankostis wrote:
> But it doesn't have to be XML!
> Besides ETSI, the european organization implementing eIDAS has 3 "standards"
> (e.g. [1]):
> XADES(XML), PADES (pdf), CADES - the last one doubting if it has any
> modern use.
>
> Why not push them for a n
But it doesn't have to be XML!
Besides ETSI, the european organization implementing eIDAS has 3 "standards"
(e.g. [1]):
XADES(XML), PADES (pdf), CADES - the last one doubting if it has any modern use.
Why not push them for a new PGPADES standard?
Best,
Kostis
[1] https://blogs.adobe.com/securi
On Fri, Jun 02, 2017 at 09:39:51PM +0200, Werner Koch wrote:
> On Wed, 31 May 2017 19:34, ankos...@gmail.com said:
>
> | >>I have some questions related to XML-Dsig:
> | >
> | >Argghh!! Run away!
> |
> | A near-universal reaction.
>
> XML crypto can be summarized as
> we-repeat-all-bugs-the-
On Wed, 31 May 2017 19:34, ankos...@gmail.com said:
> More detailed, from the three standards supported, only the last one,
> XML-sig, supports PGP: https://www.w3.org/TR/xmldsig-core/#sec-PGPData
That looks pretty much like a re-specification of PKCS#15 which also has
provisions for PGP and SPKI
On 31/05/17 19:34, ankostis wrote:
> On 31 May 2017 at 15:14, Daniel Pocock wrote:
>>
>> Are the CMS, PDF or XML standards flexible enough that a PGP signature
>> could be used within any of them and thereby satisfy the legislation?
>
> IANAL, but I would agree with Reiner that the implementing
On 31 May 2017 at 15:14, Daniel Pocock wrote:
>
> Are the CMS, PDF or XML standards flexible enough that a PGP signature
> could be used within any of them and thereby satisfy the legislation?
IANAL, but I would agree with Reiner that the implementing acts are not
technology-neutral.
More detaile
> Am 31.05.2017 um 15:14 schrieb Daniel Pocock :
>
> Are the CMS, PDF or XML standards flexible enough that a PGP signature
> could be used within any of them and thereby satisfy the legislation?
> Or could any of those standards potentially be amended/extended to allow
> use of PGP signatures?
On 31/05/17 13:54, Rainer Hoerbe wrote:
> Hi Daniel,
>
> The eIDAS regulation is replacing the national e-signature laws to make
> signatures (besides other other things) interoperable across borders.
> While the law is fairly technology-neutral, the implementation acts have
> to reference speci
Hi Daniel,
The eIDAS regulation is replacing the national e-signature laws to make
signatures (besides other other things) interoperable across borders. While the
law is fairly technology-neutral, the implementation acts have to reference
specific technologies, which are CMS, PDF- and XML signa
Am 31.05.2017 um 12:18 schrieb Daniel Pocock:
Hi Stefan,
Thanks for sharing these. Unfortunately my German skills are not great,
could you make any comment about those companies?
In particular,
- does a signature from either of these comply with eIDAS (and therefore
ZertES)?
- what effort
On 30/05/17 22:17, Stefan Claas wrote:
>
>
> On 30.05.17 08:05, Daniel Pocock wrote:
>>
>> Does anybody know of certificate authorities who are willing to sign PGP
>> keys or has anybody ever looked into making that happen?
> Hi Daniel,
>
> please check those two links:
>
> https://pgp.govern
On 30.05.17 08:05, Daniel Pocock wrote:
>
> Does anybody know of certificate authorities who are willing to sign PGP
> keys or has anybody ever looked into making that happen?
Hi Daniel,
please check those two links:
https://pgp.governikus-eid.de/pgp/
https://www.heise.de/security/dienste/PGP-S
Hi all,
Can PGP / GnuPG be used in a way that makes signatures compliant with
the European eIDAS[1] or Switzerland's ZertES[2]?
Do those standards explicitly require X.509 based solutions? Or could a
certificate authority sign people's PGP keys and their PGP key could
then be used for signing o
13 matches
Mail list logo