gpgsm and expired certificates
oub at mat.ucm.es
Thu Nov 7 12:16:36 CET 2013
>> "MFPA" == MFPA <expires2013 at ymail.com> writes:
> But all the hordes who use webmail are pretty-much still out of luck,
> though. (With certain exceptions, such as hushmail.)
Yep, there is penango fore firefox+gmail.
>> keys are automatically embedded in the signatures.
> That is simpler and avoids the web-bug-like effect you have if you
> choose to auto-retrieve OpenPGP keys from keyservers for new contacts.
> But must waste a lot of bandwidth between regular correspondents.
Well given that a lot of users write emails with html markup, this
really does not bother me.
>> However thunderbird refuses to use yoru public key
>> claiming it cannot be trusted.
> I just searched and found  about Thunderbird, which says you can
> import a copy of other people's self-signed S/MIME certificate from a
> ".cer" file into your "Authorities" tab. So much for "being easier
> because keys are automatically embedded in the signatures."
Well I was referring to the following 10 years old bug
I have the feeling this is a design decision by "philosophy":
thunderbird/semonkey don't encourage the use of self-signed certificates
(BTW I just learn that there is a add-on, key-manager which generates
self-signed certificates, similar as it seems to me to the BAT.
At first I thought that I need to use openssl in order to extract your
cert and import in under authorities
openssl pkcs7 -in MFPA.p7 -inform DER -print_certs > out.cert
(Which would be bad, because command line openssl is not what the
average user would call, comfortable and windows users have to install
openssl a part)
However it is not necessary I just export our signature as a pem file
and import in under authorities. Still this is very uncomfortable...
BTW, I see you switched back to pgp, but why do you use old inline mode
and not pgpmine?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5556 bytes
Desc: not available
More information about the Gnupg-users