On Thu, Nov 07, 2013 at 12:16:36PM +0100, Uwe Brauer wrote: > >> "MFPA" == MFPA <expires2...@ymail.com> writes: [snip] > >> However thunderbird refuses to use yoru public key > >> claiming it cannot be trusted. > > > > I just searched and found [1] about Thunderbird, which says you can > > import a copy of other people's self-signed S/MIME certificate from a > > ".cer" file into your "Authorities" tab. So much for "being easier > > because keys are automatically embedded in the signatures." > > Well I was referring to the following 10 years old bug > https://bugzilla.mozilla.org/show_bug.cgi?id=209182 > > I have the feeling this is a design decision by "philosophy": > thunderbird/semonkey don't encourage the use of self-signed certificates > (BTW I just learn that there is a add-on, key-manager which generates > self-signed certificates, similar as it seems to me to the BAT.
This bug seems to cry out for an add-on. Then people who (think they) know what they are doing can have the additional convenience, and the rest can do whatever it is they do now. I would guess there is resistance to putting this into the base product on the theory that 99.9% of users will just hit "yes", meaning "get rid of this unintelligible dialog and let me read the message", which is arguably a Bad Thing. Since we're getting offtopic anyway, I'll continue and opine that this add-on would only be doing for self-signed cert.s and other unknown CAs the same thing that the user *should* have done with those commercial root cert.s: evaluate and install them individually. (Of course hardly any of us have done this.) -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users