The mail from you directly works fine in Outlook, showing up with the cert icon in the mail list. Mail.app doesn't seem to have any indicator of the signing, but it's not showing a warning either.
Now, the really amusing thing is that when the mail from the listserv came in, it's "merged" with the direct mail, and I now have a warning on your message that there's a mismatch again. I think this is probably a bug with Mail.app however because it says your mail is signed by you, but it's trying to compare it with my signature - the cert that's failing is mine. PAUL ROCK Senior Programmer/Analyst | AOL Mail P: 703-265-5734 | C: 703-980-8380 AIM: paulsrock 44900 Prentice Dr. | Dulles, VA | 20166-9305 On Jun 10, 2014, at 11:32 AM, David Woodhouse <dw...@infradead.org> wrote: > On Tue, 2014-06-10 at 15:08 +0000, Rock, Paul via dmarc-discuss wrote: >> Depends on the client as well. Currently the version of Outlook (2010) >> I'm using on my Windows box also treats the signature as an attachment >> it doesn't know what to do with. > > That's odd — that's one of the few things Outlook normally gets right. > Is it an artefact of the footer that the list adds, complicating the > MIME structure? Anything outside the most basic MIME structure is one of > the *many* things that Outlook and Exchange usually get catastrophically > wrong :) > > You should receive two copies of *this* mail... does the direct one work > as expected? (That's the use case for any kind of email from banking > systems, anyway.) > > Yes, it's not a simple solution for the declining number¹ of webmail > users. I understand there are browser plugins which offer S/MIME support > for at least GMail, which is the largest webmail user base — but that's > still a bit different from "it just works" as you get with a real MUA. > >> Mail.app (version 7.3) on my Mac does understand that David has a >> signature, but I have a big warning across the top of the mail that >> the signature can't be verified due to an email address mismatch. >> Granted, that's an artifact of the mailing list, but even still, >> here's a live case where S/MIME has an issue - and I'm sure that David >> and anyone else using a client that supports S/MIME will see the same >> warning about mail on this list from me. > > Using Evolution, the GNOME mail client, I see that the mail has a valid > signature from Paul Rock <paul.r...@teamaol.com>. I am left to > cross-check that address against the address in the From: header, should > I desire to do so. > > I may file a bug suggesting that the UI should make that mismatch > clearer. > > -- > dwmw2 > > ¹ > https://litmus.com/blog/email-client-market-share-where-people-opened-in-2013 > suggests that the figure is now around 20%. >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
