[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: S/MIME with OpenSSL?
From: |
Adam Sjøgren |
Subject: |
Re: S/MIME with OpenSSL? |
Date: |
Thu, 12 Nov 2015 16:31:01 +0100 |
User-agent: |
Gnus/5.130014 (Ma Gnus v0.14) Emacs/24.5 (gnu/linux) |
Uwe writes:
> This is not about impose, this is about practical matter.
Sure. My point is that I don't want to tell people how to handle their
email.
> Suppose you want to interchange confidential information with someone
> outside the GNU/emacs world and that person has very little computer
> knowledge. For him/her pgp is a nightmare to install. Smime not.
I understand that this is how you feel. You haven't convinced me this is
the case. You just keep stating that it is.
> >> operations S/MIME PGP
> >> Inst of software no; included yes
>
> > I think you have some hidden assumptions about what software is used
> > here? Don't both S/MIME and PGP use external tools in Gnus?
> I am speaking here about software in general, almost all mail programs,
> thunderbird, evolution, kmail, outlook, whatever have smime support
I see. I have never heard of anyone (but you) using S/MIME with any of
these programs.
> > This seems to be a negative for S/MIME: it is easy to generate a PGP
> > key. How do you generate an S/MIME certificate?
> It is not easy to generate a pgp for an illiterate, trust me. You can
> generate a S/MIME certificate, but it will be self signed and therefore
> useless, most clients would refuse a message from someone with a self
> signed certificate. So you apply for certifcate which is signed by a
> root authority, in one of the dozen services like commodo, they provide
> with a class 1[1] certificate for one year.[2]
So, in my eyes, PGP is much easier here. I don't even know how to tell
someone to "apply for a certificate signed by a root authority", much
less how to get the certificate into their chosen email-program. But
every "illiterate" computer user knows this?
> > I've set up Gnus/GnuPG to automatically fetch keys for every person I
> > see a signature from, so there is nothing manual for me to do here.
>
> Again this is not as trivial as you think. An my fetch you mean from a
> keyserver where that person has uploaded his key I presume.
It is literally one line of configuration. Much easier than "applying
for a certificate signed by a root authority" - what so-called
"illiterate" person even knows what those words mean, much less how to
do it?
Oh, and, ooops, that's exactly what you say the problem with creating a
PGP key is.
Maybe we should wrap this up, as both are, as far as I know, equally
supported by Gnus, and so this is wandering off topic.
Best regards,
Adam
--
"Lef ma nine imma Jeep" Adam Sjøgren
asjo@koldfront.dk
- S/MIME with OpenSSL?, Jens Lechtenboerger, 2015/11/08
- Message not available
- Re: S/MIME with OpenSSL?, Adam Sjøgren, 2015/11/10
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/11
- Re: S/MIME with OpenSSL?, Adam Sjøgren, 2015/11/11
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/12
- Re: S/MIME with OpenSSL?,
Adam Sjøgren <=
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/13
- Trust and public keys (was: S/MIME with OpenSSL?), Jens Lechtenboerger, 2015/11/14
- Re: Trust and public keys, Uwe Brauer, 2015/11/16
- Re: Trust and public keys, Jens Lechtenboerger, 2015/11/16
- Re: Trust and public keys, Uwe Brauer, 2015/11/18
- Re: Trust and public keys, Jens Lechtenboerger, 2015/11/19
- [smime and gpg] (was: Trust and public keys), Uwe Brauer, 2015/11/22
- Re: Trust and public keys, Uwe Brauer, 2015/11/16
- Re: S/MIME with OpenSSL?, Peter Münster, 2015/11/12
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/13