Can't verify Thawte S/MIME message (was: decrypt PGP 8 msg)
Thu Sep 11 19:49:01 2003
Content-Description: signed data
On Thursday 11 Sep 2003 2:30 am, Eugene Smiley wrote:
> > But I do not know what to do with his second part.
Nothing much - unless you also seek out a Thawte certificate or build anoth=
plugin from source.
> >> Yet it doesn't verify as S/MIME - it comes up as unknown mime
> >> type in KMail. The block is also VERY long (4.7kb), more like an
> >> attached public key rather than a signature? (yet it lacks the
> >> BEGIN/END PGP KEYBLOCK lines or comments). gpg complains of a
> >> lack of OpenPGP data when the block is saved as a file.
> I discussed this with Neil off-list and his assesment, correct me if I
> am wrong Neil, is that it has to do with the Kmail plugins. Maybe one
It does. The KMail cryptplug/gpgme-openpgp.so plugin, under a default build=
can't understand the Thawte portion. There's a second plugin that can be=20
built from the same source via the Aegypten project:
Thawte offers X509 S/MIME certificates. Here's a step-by-step HOWTO that I=
used to get my Thawte certificate into GPGSM:=20
Aegypten provide a tool that links the X509 into GPG - GPGSM
Project Aegypten provides Sphinx-Clients (Mutt, KMail, ...) compatible to=20
S/MIME within a GnuPG framework. Within this project a few new tools have=20
been developed, most notably "gpgsm" as the S/MIME counterpart of "gpg".
> of these days, I'll venture over to the Kmail site like he suggested.
It's more of a GnuPG issue than KMail - a case of building a second plugin=
from source to go alonside gpgme-openpgp.so:
In the Cryptography section, add the Plug-In=20
/some/where/lib/cryptplug/gpgme-smime.so for S/MIME=20
and/or /some/where/lib/cryptplug/gpgme-openpgp.so for OpenPGP
> Ah, well I correspond with some users who use S/MIME and some who use
> PGP/GPG. I'm just too lazy to remember to switch back and forth
> between the two when I can do both. ;)
Similar. Eugene is the only person I have come across who uses Thawte and=20
OpenPGP - other users of Thawte tend to show up as 'unknown key - key not=20
available'. I might get around to it one day . . . . .
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----