Can't verify Thawte S/MIME message (was: decrypt PGP 8 msg)

Neil Williams
Thu Sep 11 19:49:01 2003

Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

On Thursday 11 Sep 2003 2:30 am, Eugene Smiley wrote:
> > But I do not know what to do with his second part.

Nothing much - unless you also seek out a Thawte certificate or build anoth=
plugin from source.

> >> Yet it doesn't verify as S/MIME - it comes up as unknown mime
> >> type in KMail. The block is also VERY long (4.7kb), more like an
> >> attached public key rather than a signature? (yet it lacks the
> >> BEGIN/END PGP KEYBLOCK lines or comments). gpg complains of a
> >> lack of OpenPGP data when the block is saved as a file.
> I discussed this with Neil off-list and his assesment, correct me if I
> am wrong Neil, is that it has to do with the Kmail plugins. Maybe one

It does. The KMail cryptplug/ plugin, under a default build=
can't understand the Thawte portion. There's a second plugin that can be=20
built from the same source via the Aegypten project:
Thawte offers X509 S/MIME certificates. Here's a step-by-step HOWTO that I=
used to get my Thawte certificate into GPGSM:=20

Aegypten provide a tool that links the X509 into GPG - GPGSM
Project Aegypten provides Sphinx-Clients (Mutt, KMail, ...) compatible to=20
S/MIME within a GnuPG framework. Within this project a few new tools have=20
been developed, most notably "gpgsm" as the S/MIME counterpart of "gpg".

> of these days, I'll venture over to the Kmail site like he suggested.

It's more of a GnuPG issue than KMail - a case of building a second plugin=
from source to go alonside
In the Cryptography section, add the Plug-In=20
/some/where/lib/cryptplug/ for S/MIME=20
and/or /some/where/lib/cryptplug/ for OpenPGP

> Ah, well I correspond with some users who use S/MIME and some who use
> PGP/GPG. I'm just too lazy to remember to switch back and forth
> between the two when I can do both. ;)

Similar. Eugene is the only person I have come across who uses Thawte and=20
OpenPGP - other users of Thawte tend to show up as 'unknown key - key not=20
available'. I might get around to it one day . . . . .


Neil Williams

Content-Type: application/pgp-signature
Content-Description: signature

Version: GnuPG v1.2.1 (GNU/Linux)