>> "Werner" == Werner Koch <w...@gnupg.org> writes: > On Sat, 26 Oct 2013 22:03, o...@mat.ucm.es said: >> know by the date of the certificate which certificate to use for which >> message? >> >> - old for old messages
> Note, that there is no need for a certificate for decryption - only the > private key is required. The certificate is only used to show some meta > information. Now I am confused. Most likely my knowledge of certificates is not correct. (I played around with openssl to generate my own, useless, certificates). I thought a certificate consists of a key pair (private/public) which is signed by the Authority (here comodo). When I apply for a certificate, the keypair is generated by the crypto module of the browser and then signed. So I thought when I apply for a new certificate a new key pair is generated which gets signed again. But your comment above seems to indicate that the old pair gets a new signature. Is this correct? But what if I apply with a different browser I applied the last time. thanks Uwe Brauer
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
