Hi,
I've been using Mutt for some time and it is great!
I have a number of cert/priv.keys already. All are imported into my
store under the label "zito".
All certs have one-year validity.

zito@bobek:~/.keystore$ smime_keys list|fgrep zito
243f80ec.0: Issued for: vaclav.ov...@i.cz "zito" (Expired)
            Subject: Ovs\xEDk V\xE1clav (zito)
243f80ec.1: Issued for: vaclav.ov...@i.cz "zito" (Expired)
            Subject: Ovs\xEDk V\xE1clav (zito)
243f80ec.2: Issued for: vaclav.ov...@i.cz "zito" (Expired)
            Subject: Ovs\xEDk V\xE1clav (zito)
243f80ec.3: Issued for: vaclav.ov...@i.cz "zito" (Expired)
            Subject: Ovs\xEDk V\xE1clav (zito)
243f80ec.4: Issued for: vaclav.ov...@i.cz "zito" (Trusted)
            Subject: Ovs\xEDk V\xE1clav (zito)
243f80ec.5: Issued for: vaclav.ov...@i.cz "zito" (Trusted)
            Subject: Ovs\xEDk V\xE1clav (zito)
243f80ec.6: Issued for: vaclav.ov...@i.cz "zito" (Trusted)
            Subject: Ovs\xC3\xADk V\xC3\xA1clav (zito)

zito@bobek:~/.keystore/cert$ for x in 243f80ec.*; do echo -n "$x: "; openssl x509 -enddate -noout -in $x; done
243f80ec.0: notAfter=Feb 17 09:42:25 2009 GMT
243f80ec.1: notAfter=Jan 29 13:43:16 2011 GMT
243f80ec.2: notAfter=Jan 24 13:19:51 2012 GMT
243f80ec.3: notAfter=Feb  9 07:42:37 2010 GMT
243f80ec.4: notAfter=Jan 16 07:16:55 2013 GMT
243f80ec.5: notAfter=Jan 17 12:05:54 2014 GMT
243f80ec.6: notAfter=Nov 12 14:08:37 2014 GMT

There are problems:
 1) The only valid cert is the last (243f80ec.6), all previous are
    Expired. Some certs were valid at the time of their import
    (243f80ec.{4,5}).
   - What should I do to refresh the validity in the .index file?
     ...of course I can change `t' to `e' by hand :), but I hope this
     is not the intention.

 2) When I receive an encrypted message, Mutt asks me what key to use
    to decrypt the message and the keys it offers are in a strange order.
    For example, I hit the enc. message and Mutt asks:

    Use ID 243f80ec.1 for vaclav.ov...@i.cz ? ([no]/yes): 
    Use ID 243f80ec.2 for vaclav.ov...@i.cz ? ([no]/yes): 
    Use ID 243f80ec.3 for vaclav.ov...@i.cz ? ([no]/yes): 
    Use ID 243f80ec.4 for vaclav.ov...@i.cz ? ([no]/yes): 
    Use ID 243f80ec.5 for vaclav.ov...@i.cz ? ([no]/yes): 
    Use ID 243f80ec.6 for vaclav.ov...@i.cz ? ([no]/yes): 
    Use ID 243f80ec.0 for vaclav.ov...@i.cz ? ([no]/yes): 
    Enter keyID for vaclav.ov...@i.cz: 
    ...and finally the list of all

    So this is a bit of a torture, especially in the case when some colleague
    sends me a message encrypted with the already expired keys.

 3) The above problem applies to the archive of old messages. I'm not able
    to guess what key to use for a several-year-old message and I simply
    try every one.

Is it possible to configure Mutt to try every key from the store to decrypt
a message without asking, in the case the pass-phrase is the same for all
keys?

Best Regards
-- 
Zito

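An added example, not part of the original post: a shell helper that extends the `-enddate` loop above by classifying each certificate file under a hash prefix as expired, expiring or valid with `openssl x509 -checkend`. The function names and the look-ahead window parameter are assumptions of this example; it only reads the certificate files and does not read or modify Mutt's `.index`.

```shell
#!/bin/sh
# Added example (not from the original post): expiry report for the
# <hash>.<n> certificate files of a store directory.

# cert_status FILE [WINDOW_SECONDS]
# Prints "expired", "expiring" (valid now, but not WINDOW_SECONDS from now)
# or "valid". Returns 2 if FILE cannot be parsed as an X.509 certificate.
cert_status() {
    file=$1
    window=${2:-0}
    # Reject anything openssl cannot parse as a certificate.
    openssl x509 -noout -in "$file" >/dev/null 2>&1 || return 2
    # -checkend N exits 0 only if the cert is still valid N seconds from now.
    if ! openssl x509 -checkend 0 -noout -in "$file" >/dev/null 2>&1; then
        echo expired
    elif ! openssl x509 -checkend "$window" -noout -in "$file" >/dev/null 2>&1; then
        echo expiring
    else
        echo valid
    fi
}

# store_report DIR PREFIX [WINDOW_SECONDS]
# One tab-separated line per file: id, status, notAfter ("-" if unreadable).
store_report() {
    dir=$1 prefix=$2 window=${3:-0}
    for f in "$dir"/"$prefix".*; do
        [ -f "$f" ] || continue   # glob matched nothing
        status=$(cert_status "$f" "$window") || status=unreadable
        end=$(openssl x509 -enddate -noout -in "$f" 2>/dev/null | sed 's/^notAfter=//')
        printf '%s\t%s\t%s\n' "${f##*/}" "$status" "${end:--}"
    done
}

# Example call (directory and prefix as in the post; 30-day warning window):
#   store_report "$HOME/.keystore/cert" 243f80ec 2592000
```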