[GPGSM][GPGME] thawte freemail certificates?

Stephan Menzel smenzel at gmx-gmbh.de
Mon Apr 21 10:45:06 CEST 2008

Hi there,

I have a very hard time trying to get a mail signature verified which was 
created using a Thawte Freemail certificate. I'm using GPGME to access GPGSM.

The Problem appears to be not a new one:

It says here, the certificate contains the information that it's only fully 
valid when the CRL has been checked, but fails to specify the location of 
that CRL.

Using KMail with the same backend I can have the siganture valid (green) when 
I specify "disable-crl-checks" in gpgsm.conf. If I don't, it's yellow 
(unknown). But gpgme doesn't seem to recognize it. It says "validity=unkown", 
even when I add the fingerprints of all relevant Thawte root certs in 

I know, it sounds all a bit weird, but there must be a way to have Thawte's 
Freemail signatures verified. Please let me know if I can provide any further 

Thanks and Greetings...

Stephan Menzel

Stephan Menzel, Senior Technical Architect, Spam and virus protection
GMX GmbH, Frankfurter Ring 129, D-80807 Muenchen - http://www.gmx.net
Telephon +49 89 14339-506, stephan.menzel at 1und1.de
Amtsgericht Muenchen HRB 144261, Geschaeftsfuehrer: Eva Heil, Achim Weiss
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20080421/9bb22e3f/attachment.pgp>

More information about the Gnupg-users mailing list