-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi
On Wednesday 6 November 2013 at 11:42:49 AM, in <mid:87txfpg3ie....@gilgamesch.quim.ucm.es>, Uwe Brauer wrote: > Well take for example iOs: using pgp is a sort of a > nightmare. So I have heard. > The reasons why I think smime is easier to use for the > average user are: smime is already installed in most > MUA (so no additional software+plugin) But all the hordes who use webmail are pretty-much still out of luck, though. (With certain exceptions, such as hushmail.) > keypairs are > generated and signed by the "trust center". I don't know about the "trust centre." The Bat! gives me the choice of its own internal implementation or Microsoft Crypto-API, which is part of Windows. (The Bat! and Windows are closed-source proprietary products that we probably shouldn't discuss too much on this list.) > Public > keys are automatically embedded in the signatures. That is simpler and avoids the web-bug-like effect you have if you choose to auto-retrieve OpenPGP keys from keyservers for new contacts. But must waste a lot of bandwidth between regular correspondents. > Aha I see you use the BAT, an email program I have not > seen in use, for almost a decade. I have used it myself for over nine years. > Good and bad news. > Gpgsm allowed my to use your public keys after having > fireing up a series of questions, iOs also, Good. > (if you > don't mind I send you to test messages later privately) I don't mind. > However thunderbird refuses to use yoru public key > claiming it cannot be trusted. Fair enough. Using its internal implementation, The Bat! accepts signatures from the S/MIME certificate I created last night (because I added it to the trusted root CA address book) and does not accept your S/MIME signature (because Comodo's root certificate is not in the trusted root CA address book - but adding it would be just a few clicks). MS Crypto-API is fine with Comodo's root cert, but says my certificate has an invalid signature algorithm specified. I just searched and found [1] about Thunderbird, which says you can import a copy of other people's self-signed S/MIME certificate from a ".cer" file into your "Authorities" tab. So much for "being easier because keys are automatically embedded in the signatures." > So I am afraid the > issue is to persuade the not only the people but also > the software. As I said, getting other people to persuade their MUA to accept it. [1] <http://kb.mozillazine.org/Installing_an_SMIME_certificate>. - -- Best regards MFPA mailto:expires2...@ymail.com Courage is not the absence of fear, but the mastery of it. -----BEGIN PGP SIGNATURE----- iPQEAQEKAF4FAlJ60MxXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0 N0VDQTAzAAoJEKipC46tDG5pfXkEALs5FK+Llmn4wqCq+GUO0+qJ+TjHyHoEFd2R 3RRCHLG1ZcwhP0tOAX9Xo5439N16M31x6FB5u6CglI4RNcMvHK/FwqE1Y6e0I3SR WLqUiX0Oq+JMKQnRBW1DaIGGCIB4uqPQ6DwFKikcA4p4fUSoXpRaKJA7Sar4Sj32 6o35st6x =AcqD -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
