Ian G wrote: > That would be a bug, if true. Even if one were not > aghast at the temerity of restricting signatures to > people with paid permission ... I would have thought > it blindingly obvious that the *verification* is where > the quality of the signature chain should be checked.
The entire certificate chain is actually sent, so I'm most interested in what solution mozilla guys can come up with to link the trust db from firefox to thunderbird so people don't have to keep exporting/importing, bit like exporting from MS IE to MS Outlook, most annoying really... > (It doesn't say anywhere that the cert is not "trusted" > by Thunderbird so it may be that there is another > problem elsewhere. Are CACerts and Thunderbird > compatible ? Hey Duane, any daylight down there?) Actually I'm in the US atm... and technically it's 2pm in Australia :) -- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers "In the long run the pessimist may be proved right, but the optimist has a better time on the trip." _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
