Message signing popups....
Ingo Klöcker
kloecker at kde.org
Thu May 28 21:50:57 BST 2020
On Donnerstag, 28. Mai 2020 08:43:28 CEST strato_test wrote:
> On Thursday, May 28, 2020 2:35:36 AM CEST John Scott wrote:
> > If you're using Debian or a derivative by chance, there is a gpgsm (GPG
> > for
> > S/ MIME) bug related to it not importing system certificates. Unless the
> > distro provides the specific integration, gpgsm has no certificate
> > authorities to go off of by default.
> >
> > Using my S/MIME certificate too now out of spite :)
>
> Since I have returned to kmail (the message display in evolution makes it
> too difficult to see which messages are read and which aren't): I'm
> sometimes getting the same pop-up --- and since we are at this: What is the
> point of the signature verification?
>
> Unless I have met the person and have personally exchanged keys with them, I
> do not know who sent the message.
There are two different approaches for certificate validation. You are
referring to personal certificate validation and the web-of-trust, that's
usually used with OpenPGP certificates.
In contrast, S/MIME certificates are usually signed by trusted certificate
authorities (CAs) in a PKI. This is similar to the issuing of identity cards/
passports by trusted official authorities. The advantage of such a centralized
approach is that you only need to trust the CAs. The disadvantage of this
centralized approach is that CAs cannot really be trusted. See my other
message in this thread.
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kdepim-users/attachments/20200528/9c0f92d2/attachment.sig>
More information about the kdepim-users
mailing list