SMIME certificates used to encrypt email

2011-02-08 Thread Daniel Zamorano
Hi List, I'm working with a library to decrypt emails with openssl, all is working well if I know which certificate was used, but now I need to detect which certificate was used to encrypt it and I want to know if openssl can do this automatically and if not I want to know if there is some alterna

Re: smime certificates

2004-11-16 Thread Charles B Cranston
I'm afraid that this is "just the way it works". Starting from first principles, there's only a few ways a system COULD be coded to work: 1. decrypt all messages as they are received, so the encryption is only for when the message is actually being transmitted 2. decrypt all messages as they are

Re: smime certificates

2004-11-15 Thread Bernhard Froehlich
Jason Haar wrote: This is something I noticed before too - and appears to be a real "failing" with PKI. Although by "failing" I mean "not what end-users expect"... Let's assume the whole world has embraced PKI and everyone is sending/receiving S/MIME encrypted e-mails. How are we (as a society

Re: smime certificates

2004-11-15 Thread Jason Haar
Dr. Stephen Henson wrote: Well unless the software provides a means to reencrypt with a new certificate the only way is to keep the old certificates and private keys on the system. This is something I noticed before too - and appears to be a real "failing" with PKI. Although by "failing" I mea

Re: smime certificates

2004-11-15 Thread Dr. Stephen Henson
On Mon, Nov 15, 2004, [EMAIL PROTECTED] wrote: > > The link that outlook appears to use is the serial number, if it does not > find a certificate with the same serial number as the one in the message > it will not find the private key to decrypt the message. > This is part of the S/MIME v2 (PKCS#

Re: smime certificates

2004-11-15 Thread openssl
> [EMAIL PROTECTED] wrote: > >>I have been trying to renew a certificate geterated for signing emails. >>The renew goes ok. first revoke old one then resign req with new end date >>etc. and I can use the new certificate ok. >> >>However if I try and open an "old" email sent from home using my old >

Re: smime certificates

2004-11-15 Thread Bernhard Froehlich
[EMAIL PROTECTED] wrote: I have been trying to renew a certificate geterated for signing emails. The renew goes ok. first revoke old one then resign req with new end date etc. and I can use the new certificate ok. However if I try and open an "old" email sent from home using my old certificate to s

smime certificates

2004-11-15 Thread openssl
I have been trying to renew a certificate geterated for signing emails. The renew goes ok. first revoke old one then resign req with new end date etc. and I can use the new certificate ok. However if I try and open an "old" email sent from home using my old certificate to sign it - I can't Outlook