Jens Lechtenboerger [2018-04-30 08:19:39+02] wrote:
> You don’t. You should not trust them if you don’t know anything about
> them.
> Personally, I try to verify CAs’ fingerprints. Afterwards, I express
> my “trust” in other people’s choices of CAs when verifying their
> signatures (so, pretend “
On 2018-04-28, Teemu Likonen wrote:
> When verifying an S/MIME message gpgsm (I think) asks whether I
> ultimately trust some certificate authority to certify others and then
> asks me to verify that a displayed fingerprint belongs to the authority.
> How do I know? (So far I have pressed the "Can
I read email with Gnus (Emacs) and from time to time someone has signed
his mail with S/MIME (X.509) system. My Gnus tries to verify signatures
automatically and it works nicely with PGP/MIME but S/MIME is more
difficult.
When verifying an S/MIME message gpgsm (I think) asks whether I
ultimately t
