From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/33205 Path: main.gmane.org!not-for-mail From: Simon Josefsson Newsgroups: gmane.emacs.gnus.general Subject: Re: S/MIME Date: Sun, 5 Nov 2000 15:14:03 +0100 (CET) Sender: owner-ding@hpc.uh.edu Message-ID: References: <2n3dh6o81d.fsf@tiger.jia.vnet> NNTP-Posting-Host: coloc-standby.netfonds.no Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Trace: main.gmane.org 1035169353 23835 80.91.224.250 (21 Oct 2002 03:02:33 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Mon, 21 Oct 2002 03:02:33 +0000 (UTC) Cc: ding@gnus.org Return-Path: Original-Received: from spinoza.math.uh.edu (spinoza.math.uh.edu [129.7.128.18]) by mailhost.sclp.com (Postfix) with ESMTP id 46D1AD049A for ; Sun, 5 Nov 2000 09:13:59 -0500 (EST) Original-Received: from sina.hpc.uh.edu (lists@Sina.HPC.UH.EDU [129.7.3.5]) by spinoza.math.uh.edu (8.9.1/8.9.1) with ESMTP id IAB05245; Sun, 5 Nov 2000 08:13:49 -0600 (CST) Original-Received: by sina.hpc.uh.edu (TLB v0.09a (1.20 tibbs 1996/10/09 22:03:07)); Sun, 05 Nov 2000 08:13:03 -0600 (CST) Original-Received: from mailhost.sclp.com (postfix@66-209.196.61.interliant.com [209.196.61.66] (may be forged)) by sina.hpc.uh.edu (8.9.3/8.9.3) with ESMTP id IAA05460 for ; Sun, 5 Nov 2000 08:12:53 -0600 (CST) Original-Received: from barbar.josefsson.org (slipsten.extundo.com [195.42.214.241]) by mailhost.sclp.com (Postfix) with ESMTP id B84C2D049A for ; Sun, 5 Nov 2000 09:13:19 -0500 (EST) Original-Received: from localhost (jas@localhost) by barbar.josefsson.org (8.9.3/8.9.3) with ESMTP id PAA19546; Sun, 5 Nov 2000 15:14:09 +0100 X-Authentication-Warning: barbar.josefsson.org: jas owned process doing -bs Original-To: ShengHuo ZHU In-Reply-To: <2n3dh6o81d.fsf@tiger.jia.vnet> Precedence: list X-Majordomo: 1.94.jlt7 Xref: main.gmane.org gmane.emacs.gnus.general:33205 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:33205 On 5 Nov 2000, ShengHuo ZHU wrote: > What kind of information mml-smime-verify needs? CTL, From and To? I looked at SMIMEv2 and SMIMEv3 specs but I can't find the reference to looking at From: and comparing it to certificate owner. Perhaps that's simply obvious, altough I can think of some issues (use X.509 subjectAlternateName or not? etc). Ok; CTL is required, From will be needed, To will be needed by encryption/decryption. Verifying signatures without checking that the sender == signer is of course bad. OpenSSL doesn't seem to perform this checking (although it has "-from" and "-to") so we have to do it ourself. Hm, are there any ASN.1 libraries written in elisp? We'd might use `ssl-certificate-information' of ssl.el as an easier solution.