On Thu, 3 Apr 2008 19:20, [EMAIL PROTECTED] said: > I'm just curious and do not mean to be offensive or to belittle the > effort to implement S/MIME, but is GnuPG's S/MIME implementation > actually used somewhere?
Well, KDE uses it. It is further the only Unix S/MIME application (with KMail) which passed the compatibility checks done by the BSI [1]. Mozilla has been tested too but woth some problems. In fact the Mozilla Foundation rejected our offer to implement a couple of useful and necessary enhancements to their S/MIME implementation. The way Mozilla works is basically: Show a positive result but don't annoy the user if the signature is suspicious. The fact that Mozilla may fall back to 40 bit RC4 encryption may indicate that the developers do not consider privacy a major goal. > aware of (like being able to re-use OpenPGP key material 'transparently' > in an S/MIME certificate)? You can't do that for technical reasons. An X.509 certificate based on the key material from an OpenPGP key has just the key material in common but nothing else. This would only make sense if you store your private key on a smartcard. GnuPG supports creation of certificates (to be exact, certificate signing requests) using existing key material. Salam-Shalom, Werner [1] e.g. http://www.bsi.de/fachthem/verwpki/dokumente/1_2005.pdf (German) -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
