a new free smime service, but...

Steffen Nurpmeso steffen at sdaoden.eu
Fri Oct 25 20:02:40 CEST 2019

Robert J. Hansen wrote in <7e1208e4-aa1b-2e4c-3b3b-b74901456101 at sixdemon\
 |> Why doesn't Let's Encrypt offer this service?
 |Because it's outside the scope of what Let's Encrypt exists to do, which
 |is make it easy to provide HTTPS support to small websites.
 |SMTP is *totally* outside of Let's Encrypt's mission.  If you've got a
 |problem with that, take it up with Let's Encrypt.  They're pretty
 |responsive on Twitter at https://twitter.com/letsencrypt.

If i recall correctly Melnikov made a draft how the ACME stuff
could be extended to S/MIME, but it never left draft state.  I do
not listen to the according IETF working groups, ...  Wait, it is
still an active draft, version 6, last updated this year July: [1]
Unfortunately it wants DKIM/SPF/DMARC and a single MIME message
body, which counteracts my desire to vanquish that in favour of
a nice CMS thing that puts list addresses in From:, or so.  Sigh.

  [1] https://tools.ietf.org/html/draft-ietf-acme-email-smime-05

 |> Why isn't CAcert after years of participation listed as trusted CA \
 |> in root
 |> stores?
 |Because CACert hasn't been able to comply with Mozilla's Root Store
 |Policy.  Chrome has its own root store policy, as does Internet
 |Explorer.  CACert hasn't been able to dot the is and cross the ts for
 |any of them, AFAIK.

|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

More information about the Gnupg-users mailing list