[kmail2] [Bug 385687] certification path validation
Andre Heinecke
bugzilla_noreply at kde.org
Mon May 7 12:36:06 BST 2018
https://bugs.kde.org/show_bug.cgi?id=385687
--- Comment #5 from Andre Heinecke <aheinecke at intevation.de> ---
Thanks for the link to the testing tool.
Can you clarify which Report you mean? I have not yet received the report you
had attached to the other bug. Could you please send it to me (
aheinecke at intevation.de ) or to security at gnupg.org ?
My OpenPGP Key is: https://k.gnupg.net/94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1
In general I think your findings are valid and I was able to reproduce them
with gpgsm / gpgparsemail on the command line.
I would be interested about which kinds of attack you think are possible, in a
properly setup PKI, through the reported issues. Please feel free to comment in
the split issues I've linked in Comment 3 if you think that I underestimated
the significance of an issue.
Best Regards,
Andre Heinecke
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list