Dear Cristina, @5-Oct-2004, 12:31 Maria Cristina Ramos [CR] in mid:[EMAIL PROTECTED] said to Marck:
MDP>> ... and this one with a brand new, freshly generated, self signed one. CR> They are different than those with PGP, because they appear CR> already verified, with no ? I meant to answer you the first time you asked this question - I forgot ... sorry! PGP messages are signed with a key. The key is kept on an external PGP keyring which has no connection to TB nor an API. If the key does not exist on the keyring it may even have to be acquired from a keyserver before any verification can be done. All in all this means that TB has to refer to external applications and sources to verify a PGP signature. Such action requires user permission and control before it can take place - hence the ? button. S/MIME keys are held in the TB address book record for the individual and are encapsulated in the signature. TB doesn't have to make any external reference to verify such a signature and can do so without any kind of user intervention. So the message is automatically verified and the results displayed as a tick or a cross. CR> The first one had a green check, Yes - it was a Thawte issued certificate with full provenance from the certification authority - Thawte. CR> this comes with a red sign with a cross. Yes - it was a self generated certificate without any known certification authority. If you explore the certificate and request that I be added to your root authority, then any certificates I generate will be valid on your system. CR> So those self signed are useless? Pretty much. -- Cheers -- //.arck D Pearlstone -- List moderator and fellow end user TB! v3.0.1 RC3 on Windows XP 5.1.2600 Service Pack 2 '
pgpR87NWoHR5x.pgp
Description: PGP signature
________________________________________________ Current version is 3.00.00 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
