Well, let's look at the most recent S/MIME draft dated Sept 5th. Cert
handling, section 3.1, internet mail address MUST be used as DN, hmmm,
sounds like old PGP. I posted some extensions for the naming conventions a
while ago, and got some positive response (besides the ASN.1 encoding
example). Open-PGP should use the Pub.Key as Distinguished Name or
Principal (as in SDSI), then you can put whatever in the identity /
authorization field for binding to the key by a signer.
CB
At 03:34 PM 9/12/97, Peter Gutmann wrote:
One of my other "stupid PGP tricks" is to convert X.509 to and from PGP
(easier now that X509 has DSS, and maybe DH). I can't really convert
signatures, but I can move the moduli and other information around.
I've been working on this too. X.509 -> PGP is doable, but going the other
way is pretty challenging since the only thing in a PGP cert is what might
be a commonName, and usually an email address, but not a full DN. What
thoughts do people have on handling the naming issues?
BTW there's an X.509 profile for ElGamal as well as of a week or two ago,
check your local internet drafts repository for
draft-gutmann-<something with 'elgamal' in it>.
Peter.