15 Certificate details | Contents |
In Chapter 7.3, you have already seen the detailed dialog for the certificate you generated. It contains a lot of information about your certificate. The following section provides a more detailed overview of the most important points, with brief information on the differences between OpenPGP and X.509 certificates, including:
For OpenPGP certificates, you can use Kleopatra to add additional user IDs to your certificate using the menu Certificates -> Add user ID... menu item. This makes sense if, for example, you wish to use the same certificate for another e-mail address.
Please note: Kleopatra only allows you to add user IDs for OpenPGP certificates, but not X.509.
In the case of OpenPGP certificates, the validity is usually set to Indefinite . You can change this in Kleopatra by clicking on [Change expiry date] in the certificate details - or select the Certificates -> Change expiry date and enter a new date. This means that you can declare the certificate valid for a limited time period, e.g. in order to issue it to outside employees.
The validity of X.509 certificates is defined by the certificate authority when the certificate is issued, and cannot be changed by the user.
The trust status is only relevant for OpenPGP certificates. No such method exists for X.509 certificates.
Authentications are only relevant to OpenPGP certificates. This type of trust mechanism does not exist for X.509 certificates.
You do not necessarily have to know the certificate details to use Gpg4win on a daily basis, but they do become relevant when you want to receive or change new certificates.
You already learnt how to inspect and authenticate someone else's certificate and about the "Web of Trust" in Chapter 11.
© 31. August 2010, v3.0.0-beta1 (last minor changes from 21. September 2010)
The Gpg4win Compendium is filed under the
GNU Free Documentation License v1.2.
15 Certificate details | Contents |