RE: Decrypting encrypted e-mail in OE 5
>= Original Message From [EMAIL PROTECTED] = >The picture shows that you have the High Crypto pack installed (The 128bit >encryption statement in the about box). So my assumptions are wrong and I >have no idea at the moment what else could cause your problem, sorry. :-( After trying again and again, I figured out some strange thing. I retrieve my personal digital certificate from the CA using IE. If someone encrypt an e-mail using this digital certificate, the encrypted e-mail can't be decrypted in Outlook Express even if the digital certificate exist. I tried to export the certificate from IE then import to Netscape. Then I remove the certificate from IE immediately. Finally I export the certificate from Netscape as a .p12 file and import this .p12 file back to IE. In simple words, IE -> Netscape -> IE. Now the same encrypted e-mail can be decrypted in Outlook Express. What do Netscape and IE actually do during the process of import/export PKCS#12 file? The same digital certificate, but different outcome. Please help me to solve this problem. Thank you. Angus Lee --- Get Your Free Email at http://www.hknetmail.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Decrypting encrypted e-mail in OE 5
The picture shows that you have the High Crypto pack installed (The 128bit encryption statement in the about box). So my assumptions are wrong and I have no idea at the moment what else could cause your problem, sorry. :-( Best regards, Reiner. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Angus Lee > Sent: Tuesday, October 16, 2001 1:11 PM > To: [EMAIL PROTECTED] > Subject: RE: Decrypting encrypted e-mail in OE 5 > > > >= Original Message From [EMAIL PROTECTED] = > >Can you check if the IE5 installation is High Crypto? If not > >this might be the problem. Try generating a cert with 512 Bit > >in IE6 or upgrade IE5 to High Crypto version if this is the > >cause. > > I guess my IE 5 has high crypto pack installed. A jpeg of my IE's > about box is > attached. Could you check for me? Thank you. > > I found that my CA's private key is 2048 bits. Does it affect OE > 6 or below? I > regenerated my CA's key pair using 1024 bits. However it turned > out that both > OE 5 and OE 5 couldn't decrypt the encrypted mail. I have no problem > decrypting the mail using OpenSSL. > > Angus Lee > > --- > Get Your Free Email at http://www.hknetmail.com > __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Decrypting encrypted e-mail in OE 5
Specifically, IE5.01SP2 has 128bit support. This is the oldest version of IE that MS currently supports. A trip to http://windowsupdate.microsoft.com/ will allow you to upgrade to this. - John Airey Internet systems support officer, ITCSD, Royal National Institute for the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] >-Original Message- >From: Reiner Buehl [mailto:[EMAIL PROTECTED]] >Sent: 16 October 2001 11:45 >To: [EMAIL PROTECTED] >Subject: RE: Decrypting encrypted e-mail in OE 5 > > >Can you check if the IE5 installation is High Crypto? If not >this might be the problem. Try generating a cert with 512 Bit >in IE6 or upgrade IE5 to High Crypto version if this is the >cause. > >Best regards, >Reiner. > >> -Original Message- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED]]On Behalf Of Angus Lee >> Sent: Tuesday, October 16, 2001 11:47 AM >> To: [EMAIL PROTECTED] >> Subject: Decrypting encrypted e-mail in OE 5 >> >> >> Hi, >> >> I've set up my own CA using OpenSSL. I suppose there're no known >> problems/mistakes in my CA setup. I could used the digital >> certificates issued >> by this CA to send secure e-mail and login intranet web sites (in >> my office) >> which require client authentication. >> >> Now I have two e-mail accounts, suppose one is S and another one >> is W. S is >> using IE 5 with SP2 (but the Outlook Express version is 5.5 as >> reported by the >> application) while W is using IE 6. Both run on Microsoft Windows >> 2000 with >> SP2. S and W exchange their public certificate by sending a >> signed e-mail to >> one another. Then both reply with an encrypted e-mail using >> Outlook Express. >> >> W which has IE 6 has no problem decrypting the encryted >e-mail sent by S. >> S which has IE 5 SP2 could NOT decrypt the encrypted e-mail >sent by W. >> >> The error message is: >> Error Decrypting Message >> You cannot read the message. >> -- >> >> -- >> This might be because: >> o You may have lost or deleted the Digital ID that the message is >> encrypted >> to. >> o You may have installed the Digital ID that the message is >> encrypted to on >> another computer. >> o The sender may have meant the message for somebody else. >> o You do not have the necessary security package installed on >> this computer. >> >> I have the some problem on another machine which has IE 5.5 SP2 >> installed. >> Could someone please help me? >> >> The BIG problem is that both S and W have no problem decrypting >> e-mail when I >> use digital certificates issued by Thawte. I guess there may >be something >> wrong with my CA setup. Please also find the openssl.cnf I use >> for my own CA. >> >> Thank you very much. >> >> Angus Lee >> >> --- >> Get Your Free Email at http://www.hknetmail.com >> > >__ >OpenSSL Project http://www.openssl.org >User Support Mailing List[EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] > - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Decrypting encrypted e-mail in OE 5
Can you check if the IE5 installation is High Crypto? If not this might be the problem. Try generating a cert with 512 Bit in IE6 or upgrade IE5 to High Crypto version if this is the cause. Best regards, Reiner. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Angus Lee > Sent: Tuesday, October 16, 2001 11:47 AM > To: [EMAIL PROTECTED] > Subject: Decrypting encrypted e-mail in OE 5 > > > Hi, > > I've set up my own CA using OpenSSL. I suppose there're no known > problems/mistakes in my CA setup. I could used the digital > certificates issued > by this CA to send secure e-mail and login intranet web sites (in > my office) > which require client authentication. > > Now I have two e-mail accounts, suppose one is S and another one > is W. S is > using IE 5 with SP2 (but the Outlook Express version is 5.5 as > reported by the > application) while W is using IE 6. Both run on Microsoft Windows > 2000 with > SP2. S and W exchange their public certificate by sending a > signed e-mail to > one another. Then both reply with an encrypted e-mail using > Outlook Express. > > W which has IE 6 has no problem decrypting the encryted e-mail sent by S. > S which has IE 5 SP2 could NOT decrypt the encrypted e-mail sent by W. > > The error message is: > Error Decrypting Message > You cannot read the message. > -- > > -- > This might be because: > o You may have lost or deleted the Digital ID that the message is > encrypted > to. > o You may have installed the Digital ID that the message is > encrypted to on > another computer. > o The sender may have meant the message for somebody else. > o You do not have the necessary security package installed on > this computer. > > I have the some problem on another machine which has IE 5.5 SP2 > installed. > Could someone please help me? > > The BIG problem is that both S and W have no problem decrypting > e-mail when I > use digital certificates issued by Thawte. I guess there may be something > wrong with my CA setup. Please also find the openssl.cnf I use > for my own CA. > > Thank you very much. > > Angus Lee > > --- > Get Your Free Email at http://www.hknetmail.com > __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Decrypting encrypted e-mail in OE 5
>= Original Message From [EMAIL PROTECTED] = >Now I have two e-mail accounts, suppose one is S and another one is W. S is >using IE 5 with SP2 (but the Outlook Express version is 5.5 as reported by the >application) while W is using IE 6. Both run on Microsoft Windows 2000 with >SP2. S and W exchange their public certificate by sending a signed e-mail to >one another. Then both reply with an encrypted e-mail using Outlook Express. > >W which has IE 6 has no problem decrypting the encryted e-mail sent by S. >S which has IE 5 SP2 could NOT decrypt the encrypted e-mail sent by W. Just want to more information: Netscape 4.78 has no such problem. Is there any incompatibilities between Netscape and IE when dealing with encrypted e-mail? I scanned the web and found that there're some S/MIME version 2 or version 3 standards. Do they affect? Angus Lee --- Get Your Free Email at http://www.hknetmail.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
