> > > > > the signature doesn't have much to do with the message headers, not > > with the From; evo shows at the very bottom who signed it. > Thinking about it, I find this strange, and actually would like to be > notified if the signature address differs from the From address. > > Maybe I do not understand the idea behind it, so I wanted to ask again > for the reasoning behind the current implementation.
S/MIME certificates can be created by anyone for any email address and the public key for the certificate is included with every message. As such they are not designed to, and can not, verify the sender. The sender, if they so wish can create a new certificate for every email they send. In fact in Evolution I can select any S/MIME certificate with any email address (and I have a few) to sign a message, the email addresses don't have to match up - it's usual that they do match, but they don't have to. S/MIME certificates are designed for encryption and to verify that the contents of a message haven't been altered in transmission. P. _______________________________________________ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list