Re: Thunderbird S/MIME guys - Digitally-Signed Mail in e-Commerce - FC05 survey

Sat, 26 Mar 2005 05:11:52 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Ian G wrote:
| So now I have to figure out how to find a cert for
| this email address.  Now given that it took like
| 10 minutes of clicking around by an expert in the
| CA's business to do with the one cert I've got, I'm
| not hopeful!
|
| Especially as there is no button to create a cert.
|
You are more than welcome to create a self-signed cert. But surely you
are aware of the ramifications of such an approach. That's why we've
been bashing our collective heads for these past months on Root CA
policies eh - a shared common root?


|My personal policy (and recommendation) would be
|to never sign email, because it has no clear
|meaning.  At least in OpenPGP it is undefined
|what the meaning is, by definition!

That's news to me! People sign using OpenPGP all the time!

|So this would result in encryption being denied.
|That's ludicruous!  Is that in the standard?

Well yeah, that's why it's called "public-key" encryption. You somehow
have to have your correspondent's public-key before encrypting to him.
Most usually this is done via sending a signed-message beforehand. You
may opt to have him ftp/telnet/ssh/carrier-pigeon the key, but
nonetheless you gotta have it.


- --

Cheers!

J. Wren Hunt
Cambridge, MA. USA

- ------------
"In theory, there is no difference between theory and practice. But, in
practice, there is." - Jan L.A. van de Snepscheut

+------------------------------------------------------------------+
| v-card   http://wrenhunt.homelinux.org/data/wren.vcf             |
| x.509    http://wrenhunt.homelinux.org/data/thawte_wren_hunt.cer |
| OpenPGP  ADF5 1432 A59E 8F4D 4AE7  4DFE 03FA 91E1 4A24 D6F4      |
+------------------------------------------------------------------+


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFCRV4cA/qR4Uok1vQRA2DiAJsFFJfrNCVBZ6aqRLpknIcMD6KB4wCg5MTz
wAUr+8FxeuT7cmXCLjE4cyU=
=ho02
-----END PGP SIGNATURE-----
_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security

Reply via email to