* problems with smime and gpgsm
@ 2012-12-15 20:02 Uwe Brauer
2012-12-15 21:54 ` Uwe Brauer
0 siblings, 1 reply; 2+ messages in thread
From: Uwe Brauer @ 2012-12-15 20:02 UTC (permalink / raw)
To: ding
Hello
I have used for years pgp to sign and encrypt mail, but I am
faced with the fact that most people prefer smime, since it
is easier to set up. Since I have not experience with smime
I started with seamonkey/thunderbird and the two gmail
accounts I have.
- I applied for a ssl certificate from
http://www.comodo.com/
one for user1@gmail.com
the other for user2@gmail.com. Set up seamonkey and
- I then send a signed message from user1 to
user2. And from user2 to user1. Since a signature
contains the openkey, I am ready to go and it worked
with seamonkey.
- Now with gnus, I read
http://www.emacswiki.org/emacs/GnusSMIME, but also
http://comments.gmane.org/gmane.emacs.gnus.general/67386
and had the feeling it is better to use gpgsm instead
of openssl[1]
So I exported (backed up) my certificate of
user1@gmail.com to a p12 file and imported it via
gpgsm --import
Which worked nicely. So far so good.
I sent with seamonkey a mail from user1@gmail.com to
user1@gmail.com
encrypted and signed it.
- Now I used to gnu to read this mail via nnimap, and I
could decrypt and check the signature.
- *However* when I tried to reply and to encrypt and
sign the new message, gnus refused.
The gnupg-agent saves everything into $HOME/.gnupg so
shall I set the CA and the cert directory-variables
smime-certificate-directory
to this directory????
- Also *important*: if I receive a signed message from
another user how can I extract his key from the
signature?? In http://www.emacswiki.org/emacs/GnusSMIME
there is a function but it does not work for me I
only see the tag
[[S/MIME Signed Part:Good signature from
2D23D0109880A019E3164F37A3404EFC75E655A5
/EMail=oub.oub.oub@gmail.com (trust undefined)]]
In the message and when applying the extract function I
obtain No valid S/MIME signed message found.
Well I have also directory
/home/oub/.gnupg/private-keys-v1.d which contains two keys,
but I don't know how to use them with gnus.
If somebody can point me out some manual or clarifying
something I would be really grateful.
Thanks
Uwe Brauer
Footnotes:
[1] the setup looked also easier.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: problems with smime and gpgsm
2012-12-15 20:02 problems with smime and gpgsm Uwe Brauer
@ 2012-12-15 21:54 ` Uwe Brauer
0 siblings, 0 replies; 2+ messages in thread
From: Uwe Brauer @ 2012-12-15 21:54 UTC (permalink / raw)
To: ding
I forgot to add the error I obtain when trying to encrypt
(or sign) is
Encrypt failed: ((invalid-recipient (reason . 10)
(requested-recipient . "A3404EFC75E655A5")))
Reason 10 means untrusted cert/key.
I don't know how to flag my keys as trusted or tell epg
to encrypt or sign anyhow.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2012-12-15 21:54 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-12-15 20:02 problems with smime and gpgsm Uwe Brauer
2012-12-15 21:54 ` Uwe Brauer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).