a new free smime service, but...

Steffen Nurpmeso steffen at sdaoden.eu
Thu Oct 24 00:43:23 CEST 2019


Hello,

please excuse the late reply.

Uwe Brauer via Gnupg-users wrote in <874kzz1var.fsf at mat.ucm.es>:
 |> MFPA via Gnupg-users wrote in <1171562612.20191022004056 at my_localhost_AR\
 |> >:
 |>|On Sunday 20 October 2019 at 3:20:41 PM, in
 |>|<mid:87a79vsdl2.fsf at mat.ucm.es>, Uwe Brauer via Gnupg-users wrote:-
 |>|
 |>|> I just found that
 |>|> https://extrassl.actalis.it/portal/uapub/doProcess
 |>|
 |>|> Provides a free smime certificate.
 |>  ...
 |>|> does somebody know whether there is a security
 |>|> breach, the way this
 |>|> certificate was generated?
 |>|
 |>|I'm no expert but their Certificate Policy reads to me that the
 |>|private key is compromised right from the start. I think usually the
 |
 |> I think it is common that S/MIME and SSL certificates are
 |> delivered via PKCS12, including the private key.  You then seem to
 |> extract the individual things like
 |
 |I think this is a severe security breach. The private key should never
 |leave your computer.
 |
 |>   $ openssl pkcs12 -in cert.p12 -out certpem.pem -clcerts -nodes
 |>   $ # Alternatively
 |>   $ openssl pkcs12 -in cert.p12 -out cert.pem -clcerts -nokeys
 |>   $ openssl pkcs12 -in cert.p12 -out key.pem -nocerts -nodes
 |
 |>|keys are generated on the subscriber's device and only the public key
 |>|goes to the CA to be certified.

With StartSSL it was like that, the browser generated the signing
request i hope.  But i do not know.

And, the above i inherited in the manual of the software
i maintain.  I have not seen this in the wild on my own.

 |> This is possible via CACert.org, at least still (out of money).
 |> You create your local signing request, and the private key.pem never
 |> leaves your own box:
 |
 |>   $ openssl req -nodes -newkey rsa:4096 -keyout key.pem -out creq.pem
 |
 |> (Ensure all email addresses of desire are included in the web
 |> form.)
 |> Unfortunate that besides Comodo there seems no other provider of
 |> free S/MIME certificates.  You can only self-sign, and provide

That i have done myself.

 |Comodo does not offer this any more. At the beginning of the year they
 |reduced the smime certificates validity from 1 year to 1 month, now they
 |withdraw it altogether.

I did not know that.  It was the only free service that i found
when i searched for a free S/MIME certificate last, but i kept
using CACert.org.  (Until i support PGP, when i will switch.)

 |> a safe transport for a certificate to compare with.  Which is why
 |> PGP is so nice.
 |
 |Well yes sort of, but I can tell you from my own experience PGP is more for
 |hackers while smime is not. I have convinced 6 of my friends to use
 |smime, but only one to pgp.
 |
 |Self signed smime certificates are basically useless, because then you
 |have to tell the other user either to install a root certificate or to
 |trust the certificate, in which case smime loses its convenience
 |(compared to pgp)

Well, hm, yes.  What should i say.  It depends a bit, once you
know a certificate is correct some software allows to just agree to
the checksum of a certificate, for example, no need for a root
certificate any more.  To know it is correct you need the
certificate which signed it in what you use as your local pool of
certificate authorities, of course.

I do have GPG keys in my keyring which were not signed by anyone
(when i downloaded them), too, i saw the fingerprint in some
announcement mail or on some website, searched SKS, and downloaded
the one key which did match.  (I think Postfix releases are still
shipped with a gpg1 key sign that is revoked, last i looked,
i always have to look how i can actually use a revoked key
nonetheless.)

Personally i like S/MIME more, because it comes from the same pool
of standards etc. that TLS uses, and the same library can be used
to deal with it, than what i use for TLS anyway.  In theory file
signing and all the other things would be possible via it, too,
the primitives are there, it is just not used in that there are no
omnipresent tools available, like GPG is.

There is no other reason really, except that for mail different
standards for MIME are used, and here i like the PGP one more ;)
That is just how it is, and having said that, i do use PGP since
many years, but only very rarely and mostly automatized (after
having had immense loss due to lost passwords of encrypted
backups).

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
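
The thread contrasts a CA-delivered PKCS12 (key included) with a locally generated signing request. The following is an added example, not part of the message or of any poster's software: it creates the request locally, checks that the file sent to the CA carries no private key, and checks that the certificate that comes back certifies the local key. The function names are hypothetical and the address is a constructed placeholder; the file names key.pem and creq.pem follow the command quoted above.

```shell
#!/bin/sh
# Added example; function names are hypothetical, the address passed in is
# whatever the caller supplies (the usage line below uses a constructed one).

# Create key.pem and creq.pem in directory $1 for address $2 (RSA size $3,
# default 4096 as in the quoted command). key.pem stays local, owner-only;
# creq.pem is the only file that goes to the CA.
make_request() {
    ( umask 077
      openssl req -new -nodes -newkey "rsa:${3:-4096}" \
          -keyout "$1/key.pem" -out "$1/creq.pem" \
          -subj "/CN=$2/emailAddress=$2" 2>/dev/null )
}

# Public key (PEM) as contained in a private key, a request, a certificate.
key_pub()  { openssl pkey -in "$1" -pubout 2>/dev/null; }
csr_pub()  { openssl req  -in "$1" -noout -pubkey 2>/dev/null; }
cert_pub() { openssl x509 -in "$1" -noout -pubkey 2>/dev/null; }

# Equal and non-empty: an unreadable or missing file must never count as a match.
same_pub() { [ -n "$1" ] && [ "$1" = "$2" ]; }

# Succeeds only if file $1 carries no private-key PEM block, i.e. it is safe
# to hand to a third party.
no_private_key() { ! grep -q 'PRIVATE KEY' "$1"; }

# Succeeds only if request $1 was made from local key $2.
csr_matches_key()  { same_pub "$(csr_pub "$1")"  "$(key_pub "$2")"; }

# Succeeds only if certificate $1 (as returned by the CA) certifies local
# key $2, so no CA-generated key is involved.
cert_matches_key() { same_pub "$(cert_pub "$1")" "$(key_pub "$2")"; }

# Usage (constructed address):
#   make_request . user@example.invalid
#   no_private_key creq.pem && csr_matches_key creq.pem key.pem
#   ... submit creq.pem, save the CA's answer as cert.pem ...
#   cert_matches_key cert.pem key.pem || echo "certificate is for another key"
```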


