[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OpenPGP vs. X.509/PKCS
At the time PGP was created, there were a LOT of things that PGP
could offer than X.509 could not. To name a few:
- PGP certificates are MUCH smaller than X.509 in terms of the number
of bytes required to represent the same semantic content.
- at the time X.509 certificates could only carry a single signature,
forcing users into a strict hierarchical model, whereas PGP allows
the opportunity for a more web-like model that better mirrors
- PGP certificates are self-generated, and require no interaction
with anybody in order to start using the system, wheras with X.509
you need to get your key signed by an authority before you can use
it at all.
Note that the question you are asking does not necessarily follow from
the question that I answered. The question was about why PKCS was
created. PKCS came from RSADSI, which was the company that owned the
RSA patent. They created the PKCS standards.
As for why X.509 took off? It took off because there was money to be
made when you force users to use your services (read: you're a CA),
and because you have a business whereas PGP does not. (Note that all
this happened in the early 90s, well before PGP, Inc. existed).
"Leon Kuunders" <email@example.com> writes:
> So the question is: how could we turn OpenPGP into a more-money-making
> infrastructure? And that comes down to: what kind of need would there be for
> OpenPGP? If there is already X509? What can OpenPGP do what the other one
> can't? And what kind of business model would go with that?
> Is it feasible to think that as long as the 'mainstream' is not convinced of
> the fact that OpenPGP can bring them _more_ money than X509 - that this
> battle is moving towards a definite end?
> > From: Derek Atkins
> > Because "they" weren't making any money off of PGP. :)
> > -derek
> > firstname.lastname@example.org writes:
> > > From: John Dlugosz
> > >
> > > If PGP was indeed established as the first useful PK system,
> > why did "they"
> > > come up with PKCS standards that are totally different? Why
> > did PKCS-style
> > > files and formats propigate through Internet standards, when all along
> > > everyone was using PGP, and had access to that code?
> > >
> > --
> > Derek Atkins
> > Computer and Internet Security Consultant
> > email@example.com www.ihtfp.com
Computer and Internet Security Consultant