Re: [openssl-users] Support for certificates other than the X509 standard Reg.
Just to clarify: Real PGP/gpg certs (not the X.509 certs embedded in some of them with a few software versions) are not ASN.1 based at all, but use a simpler, pure binary, encoding. I think there is an RFC for the format. On 1/31/2012 5:29 PM, Erwann Abalea wrote: Bonjour, Out of my head, there's ISO7816-6 certificates, used at least in eID projects (EAC passports). One can also mention PGP/GPG (which can now include X.509), with a marginal use (in corporate/business world). OpenSSL has a great support for X.509, of course, but since it also includes complete ASN.1 and crypto API, you can easily work with ISO7816-6 certificates. I haven't used PGP/GPG since a few years so I don't really know if there's an ASN.1 description, but the crypto is the same, for sure. Le 31/01/2012 17:07, Ashok C a écrit : I understand that X509 is the preferred ITU-T standard for PKI. But what would be the other certificate standards which are available and those which a PKI solution needs to support? First question would be whether there are any certificates which do not belong to the X509 standard? Also, what all standards of certificates does the openSSL implementation support? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl-users] Support for certificates other than the X509?? standard Reg.
Hi! Out of my head, there's ISO7816-6 certificates, used at least in eID projects (EAC passports). We built support for Card Verifiable Certificats (CV-Certificates) into OpenSSL: http://openpace.sourceforge.net/ This format is used in the EAC passports. Cheers, Frank. pgpNDVrThZ4F5.pgp Description: PGP signature
Re: [openssl-users] Support for certificates other than the X509 standard Reg.
Bonjour, Out of my head, there's ISO7816-6 certificates, used at least in eID projects (EAC passports). One can also mention PGP/GPG (which can now include X.509), with a marginal use (in corporate/business world). OpenSSL has a great support for X.509, of course, but since it also includes complete ASN.1 and crypto API, you can easily work with ISO7816-6 certificates. I haven't used PGP/GPG since a few years so I don't really know if there's an ASN.1 description, but the crypto is the same, for sure. Le 31/01/2012 17:07, Ashok C a écrit : I understand that X509 is the preferred ITU-T standard for PKI. But what would be the other certificate standards which are available and those which a PKI solution needs to support? First question would be whether there are any certificates which do not belong to the X509 standard? Also, what all standards of certificates does the openSSL implementation support? -- Erwann ABALEA - Depuis ce matin, j'ai une IP en 213.@@@.@@@ et des plumes. C'est devenu apparement une IP statique. Mon contrat me donne droit à une IP dynamique.. -+- TW inhttp://neuneu.mine.nu : Neuneu se fixe -+- __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
