On Sun, 2016-03-06 at 18:23 +0000, Pete Biggs wrote: > > > > > > > > > > > > > the signature doesn't have much to do with the message headers, > > > not > > > with the From; evo shows at the very bottom who signed it. > > Thinking about it, I find this strange, and actually would like to > > be > > notified if the signature address differs from the From address. > > > > Maybe I do not understand the idea behind it, so I wanted to ask > > again > > for the reasoning behind the current implementation. > S/MIME certificates can be created by anyone for any email address > and > the public key for the certificate is included with every message. > As > such they are not designed to, and can not, verify the sender. The > sender, if they so wish can create a new certificate for every email > they send. In fact in Evolution I can select any S/MIME certificate > with any email address (and I have a few) to sign a message, the > email > addresses don't have to match up - it's usual that they do match, but > they don't have to. > > S/MIME certificates are designed for encryption and to verify that > the contents of a message haven't been altered in transmission.
Also that the sender is in possession of the private key, i.e. has signed the message. However (for example) an assistant might send a message signed by a supervisor, in which case the sender's address would probably not match the signature. (Actually there are email protocols for the assistant to send mail on behalf of the boss, or indeed on behalf of a group of people, but they are rarely used). poc _______________________________________________ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
