Message signing popups....
Achim Bohnet
ach at mpe.mpg.de
Wed May 27 22:11:44 BST 2020
On Wednesday, 27 May 2020 10:55:06 CEST Ian Douglas wrote:
> On Tuesday, 26 May 2020 17:55:02 SAST Achim Bohnet wrote:
> > Achim
>
> Achim's message produces the attached popup (and another one asking similar
> things afterwards). The second one wanted me to verify the signature.
Hi Ian,
My mails are signed by an 'official' X509 certificate. i.e. not self signed.
This implies that the certificate has a chain of signing certificates that end
in a root-certificate. The popup ask you if you want to trust this root
certificate.
Mozilla and Google maintain a collection of well-known and trusted root-
certificates (the root cert of my certificate is included there).
I've no slight idea why kleopatra or better GnuPG SMime does not trust those
root certificates like all do. IMHO this is a bug :-(
> How am I supposed to know?
I've no idea too. Mozilla and Firefox carefully audits the root-certificate
and the web browser use them for all the trusted https connections. Asking me
if I know better than they do is quiet silly ;-)
> Don't know if this is a PIM issue or system issue, but asking users things
> like that is not helpful...
Agreed!
Maybe there is a simple way to trust all the trusty worth root certificates in
/etc/ssl/certificates using gpgsm ?
Achim
>
> Thanks, Ian
--
To me vi is Zen. To use vi is to practice zen. Every command is
a koan. Profound to the user, unintelligible to the uninitiated.
You discover truth everytime you use it.
-- reddy at lion.austin.ibm.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4806 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kdepim-users/attachments/20200527/96cd38fd/attachment.bin>
More information about the kdepim-users
mailing list