Hi Vilius et al, <big snip> >> There are 2 main uses for PKE.
>> 1.- Certify endpoints. For this there must be an unbroken certificate >> chain from a trusted CA down through 0 or more intermediate >> certificates to the end certificate that is being used. For this >> purpose Vilius is right, self-signed certificates are no use. >> 2.- Secure communications channel. The communication is opaque to all >> but the 2 endpoints that are communicating. When you perform >> IMAP/POP3/SMTP authentication you are sending your login details, you >> definitely don't what people to read that, and you might not want them >> to read the mail contents either. For this purpose self-signed >> certificates are perfectly OK. <snip> >> I want The Bat! to store the self-signed certificate so that I can >> simplify purpose 2 above. > Completely true. With small addition, that point 2 only makes sense > when you can certify endpoints also. E.i. to allow self-signed > communication in secure manner you MUST get certificate from the > person you trust, on USB key, or that such certificate should be > pushed securely through Windows Group Policy for example. Trusting > (e.g. accepting) self-signed CA through internet is risky. You > could actually be accepting certificate of transparent proxy without > knowing it, you have to check figerprint, etc, etc. This is why I > think current method is really enough. If it doesn't work as some > users said, then of course BT ticket should be created for that. You are still mixing purpose 1 and 2. The channel securing is independent of who generated the key. End of story. Self-signed, Verisign-signed doesn't change anything. What most current applications do (whether you agree or not) when they find a certificate that they cannot trust implicitly is ask for an explicit authorization, which given the comments about CA vulnerability might actually be safer than the existing implicit rules. This is what the confirmation dialog does. It says "I have this certificate that I don't trust, do you trust it?" and also gives the details for the certificate. This means that the user has the control to decide whether or not to trust the source. This moves the responsibility for authorising a given certificate from a known flawed implicit mechanism to a user authorization. Which is safer depends on many factors, where you live, how much you know, etc. As I said before, this is a philosophical discussion more than a technical issue. Also take into account that The Bat! does not live in a vacuum and so should look at what other products are doing. In the HTML discussion I personally think that The Bat! has it right, however in this case I think it has it wrong. Regards. -- __ _ Debian GNU User Simon Martin / /(_)_ __ _ ___ __ __ Project Manager / / | | '_ \| | | \ \/ / Milliways / /__| | | | | |_| |> < mailto: smar...@milliways.cl \____/_|_| |_|\__,_/_/\_\ Si Hoc Legere Scis Nimium Eruditionis Habes ________________________________________________________ Current beta is 5.0.6.1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html