On Wed, Jan 16, 2002 at 03:35:12PM +0200, Burak DAYIOGLU wrote: > ITU-T X.509 is a certificate standard and it is not a certificate > repository standard. So, I didn't understand how PGP is able to use > X.509? It may be correct that PGP uses LDAP repositories for > storage/retrieval but X.509 integration is an unknown for me.
Contained within the x.509 certs, or the pgp key packets, is simply some very large numbers. Those large numbers are used for RSA or El Gamal public key crypto. PGP 2.x came with RSA support initially; I don't recall when PGP moved to (patent-unencumbered) El Gamal, but it is likely PGP supports both RSA and El Gamal just fine these days. The same goes for GnuPG; it supports (patent-unencumbered) El Gamal, but has stubs to allow for back-wards compatibility with RSA. It isn't a real huge leap for PGP to deal with both X.509 certs and PGP key packets. Cheers! :) -- Find out why the United States jailed a Russian citizen over a lecture: http://www.anti-dmca.com/
msg00162/pgp00000.pgp
Description: PGP signature
