Faramir-2 wrote:
>
> Rather than using the same key pair with x.509 and PGP, I would
> suggest to use your x.509 certificate as a "proof" of your identity, and
> if people accept that as a valid proof, then they would sign your pgp
> key too.
>
Interesting, I'll look into that...
>> The pa
>> * if I sign a message with that key pair, and someone challenges my
>> identity, what's the best/easiest way for me to prove my identity?
>
>You can't.
>
>Identity cannot be proven. Evidence can be presented, but someone can
s/prove/assert
(at least I think assert is the right word... I coul
I'm experimenting w/ using the "freemail" certificates from thawte & was just
wondering if there is a way I can use them with gpg (openpgp, NOT S/MIME). I
can figure out how to use openssl to extract the rsa public key / private
key from the exported PKCS12 file, but I'm not sure how (or if) there
