From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/86213 Path: news.gmane.org!not-for-mail From: jens.lechtenboerger@fsfe.org Newsgroups: gmane.emacs.gnus.general Subject: Re: S/MIME verification, marking of encryped Date: Sun, 11 Oct 2015 10:17:54 +0200 (CEST) Message-ID: <1562862440.6587.1444551474352.JavaMail.open-xchange@ox1app> References: <1135889000.4424.1444461613315.JavaMail.open-xchange@ox1app> Reply-To: jens.lechtenboerger@fsfe.org NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Trace: ger.gmane.org 1444551571 1879 80.91.229.3 (11 Oct 2015 08:19:31 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sun, 11 Oct 2015 08:19:31 +0000 (UTC) Cc: ding Original-X-From: ding-owner+M34447@lists.math.uh.edu Sun Oct 11 10:19:19 2015 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from lists1.math.uh.edu ([129.7.128.208]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1ZlBqg-00055l-At for ding-account@gmane.org; Sun, 11 Oct 2015 10:19:18 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by lists1.math.uh.edu with smtp (Exim 4.85) (envelope-from ) id 1ZlBpY-0000mj-B7; Sun, 11 Oct 2015 03:18:08 -0500 Original-Received: from mx1.math.uh.edu ([129.7.128.32]) by lists1.math.uh.edu with esmtps (TLSv1.2:AES128-GCM-SHA256:128) (Exim 4.85) (envelope-from ) id 1ZlBpW-0000mO-3q for ding@lists.math.uh.edu; Sun, 11 Oct 2015 03:18:06 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx1.math.uh.edu with esmtps (TLSv1.2:DHE-RSA-AES128-SHA:128) (Exim 4.85) (envelope-from ) id 1ZlBpT-0008PZ-4w for ding@lists.math.uh.edu; Sun, 11 Oct 2015 03:18:06 -0500 Original-Received: from mx2.mailbox.org ([80.241.60.215]) by quimby.gnus.org with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1ZlBpR-0000TY-58 for ding@gnus.org; Sun, 11 Oct 2015 10:18:01 +0200 Original-Received: from smtp1.mailbox.org (smtp1.mailbox.org [80.241.60.240]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx2.mailbox.org (Postfix) with ESMTPS id 8E69D4348E for ; Sun, 11 Oct 2015 10:17:55 +0200 (CEST) X-Virus-Scanned: amavisd-new at heinlein-support.de Original-Received: from smtp1.mailbox.org ([80.241.60.240]) by gerste.heinlein-support.de (gerste.heinlein-support.de [91.198.250.173]) (amavisd-new, port 10030) with ESMTP id Y51Oi_XEpDGz for ; Sun, 11 Oct 2015 10:17:54 +0200 (CEST) In-Reply-To: X-Priority: 3 Importance: Medium X-Mailer: Open-Xchange Mailer v7.6.2-Rev33 X-Originating-Client: open-xchange-appsuite X-Spam-Score: -2.5 (--) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:86213 Archived-At: Greg Troxel writes: > jens.lechtenboerger@fsfe.org writes: > > Your blog post conflates the common PKI model and the S/MIME standard > itself I hope not. I explain that you need a notion of trust, and I also mention the case of the monopoly. > - which I realize is how normal people come to this. Come to what? > Some organizations use S/MIME but only configure their own CAs as > trust anchors. This is quite sane. But I agree that that vast CA > list is goofy and inflicted on most people. Using just your own CA conflicts with the decentralized model of e-mail. >> My recommendation is to stay away from openssl. Use gpgsm. > > So perhaps the defaults should be flipped in gnus, so that epg/gpgsm is > used, throwing an error if not found (or silently not decoding merely > signed?), unless someone has explicitly asked for the openssl version? Yes, I agree. Actually, I plan to propose that later this month. Currently, I=E2=80=99m working on the refactoring of encryption related cod= e in Gnus that I proposed more than a year ago on this list. >> My advice is to go for OpenPGP :-) > > You vastly overestimate my status as world dictator :-) Too bad. Definitely worth a try. Best wishes Jens