Quoting Michael M Slusarz <slus...@horde.org>:
Quoting Edward Burr <egb...@burr.cc>:
I am receiving email from a friend who uses Lotus Notes and is
signing his emails. After much effort, I finally figured out how to
extract the certificate from the smime.p7s file and import it into
imp (since you can't just import the smime.p7s file directly). Now
I am able to encrypt email to him, and imp successfully decrypts
email from him (getting a key and sending him my public key was
simple compared to importing the smime.p7s cert).
However, one thing I have not been able to figure out yet: I can
not find any indication whether the signed email from him is valid
or not. The only way I know it is signed is because of the attached
smime.p7s file, but imp gives no hint that it has actually checked
whether the message and signature has been checked. For an
encrypted message, I figure I can safely assume it is intact, but
what about an unencrypted message?
S/MIME signed messages will have a border around the signed content
in the message view with a yellow info box that says "The data in
this part has been digitally signed via S/MIME." and will have a
link to verify the data.
if you are not seeing this then your system either doesn't have
support for openssl in PHP or it is disabled in the Horde/IMP
configuration. (FYI: your message to the list, that I am replying
to, is S/MIME signed and I can verify the signature).
That's the thing. I do have support for openssl in PHP and it is
enabled in the Horde/IMP configuration. In the test.php page, under
PHP Module Capabilities, it shows "OpenSSL Support: Yes". And in the
Horde configuration under OpenSSL I have $conf[openssl][cafile] =
/etc/ssl/certs and $conf[openssl][path] = /usr/bin/openssl
The same sender can encrypt his email, and IMP decrypts it just fine
once I enter my passphrase:
The data in this part has been encrypted via S/MIME.
You must enter the passphrase for your S/MIME private key to view this data.
Whether his message was encrypted or not, it gives me the "S/MIME
Cryptographic Signature" as an attached smime.p7s file but no border
around the signed content and no message about the data having been
signed. Mozilla Thunderbird shows that the message is signed and valid.
I am also able to sign and encrypt outgoing mail, and my friend has
received and verified both. It is only the signature on incoming mail
that is a problem.
Edward
--
"In television it is a cardinal sin to allow the viewer a
single moment when his ears and eyes are not assaulted by
sound and fury" -- Alfred Hitchcock, announcing a commercial
break in "Hangover" aired 12/06/1962 and just as true today
--
imp mailing list
Frequently Asked Questions: http://wiki.horde.org/FAQ
To unsubscribe, mail: imp-unsubscr...@lists.horde.org
