get OpenPGP pubkeys authenticated using German personal ID
Jacob Bachmeyer
jcb62281 at gmail.com
Sat Jun 3 02:56:15 CEST 2023
Alexander Leidinger via Gnupg-users wrote:
> [...]
>
> I don't remember if there was a challenge/response or not. As I still
> have the email with the signed key, I can tell that the signature can
> arrive via a TLS encrypted SMTP channel directly from governicus (and
> they have a SPF setup but not DKIM):
> ---snip---
>
> Received: from smtp.governikus.de (smtp.governikus.de [194.31.70.126])
> (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
> key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256
> client-signature RSA-PSS (4096 bits) client-digest SHA256)
> (Client CN "VPR-BOS004.dmz.bosnetz.de", Issuer "VPR-BOS004.dmz.bosnetz.de" (not verified))
>
>
> ---snip---
>
Am I misreading that header or does Governikus' outgoing SMTP have a
self-signed client certificate for 'VPR-BOS004.dmz.bosnetz.de'? That
does not inspire confidence...
-- Jacob
More information about the Gnupg-users
mailing list