From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/44160 Path: main.gmane.org!not-for-mail From: david.goldberg6@verizon.net (David S. Goldberg) Newsgroups: gmane.emacs.gnus.general Subject: Re: Problem with smime-CA-directory Date: Thu, 04 Apr 2002 10:55:42 -0500 Sender: owner-ding@hpc.uh.edu Message-ID: References: NNTP-Posting-Host: localhost.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: main.gmane.org 1017935807 24874 127.0.0.1 (4 Apr 2002 15:56:47 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Thu, 4 Apr 2002 15:56:47 +0000 (UTC) Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by main.gmane.org with esmtp (Exim 3.33 #1 (Debian)) id 16t9bT-0006T5-00 for ; Thu, 04 Apr 2002 17:56:47 +0200 Original-Received: from sina.hpc.uh.edu ([129.7.128.10] ident=lists) by malifon.math.uh.edu with esmtp (Exim 3.20 #1) id 16t9au-0005G7-00; Thu, 04 Apr 2002 09:56:12 -0600 Original-Received: by sina.hpc.uh.edu (TLB v0.09a (1.20 tibbs 1996/10/09 22:03:07)); Thu, 04 Apr 2002 09:56:20 -0600 (CST) Original-Received: from sclp3.sclp.com (qmailr@sclp3.sclp.com [209.196.61.66]) by sina.hpc.uh.edu (8.9.3/8.9.3) with SMTP id JAA14679 for ; Thu, 4 Apr 2002 09:56:08 -0600 (CST) Original-Received: (qmail 13145 invoked by alias); 4 Apr 2002 15:55:56 -0000 Original-Received: (qmail 13140 invoked from network); 4 Apr 2002 15:55:56 -0000 Original-Received: from unknown (HELO smtpproxy2.mitre.org) (192.80.55.70) by gnus.org with SMTP; 4 Apr 2002 15:55:56 -0000 Original-Received: from avsrv2.mitre.org (avsrv2.mitre.org [128.29.154.4]) by smtpproxy2.mitre.org (8.11.3/8.11.3) with ESMTP id g34Fttx25194 for ; Thu, 4 Apr 2002 10:55:55 -0500 (EST) Original-Received: from MAILHUB2 (mailhub2.mitre.org [129.83.221.18]) by smtpsrv2.mitre.org (8.11.3/8.11.3) with ESMTP id g34Ftsu25873 for ; Thu, 4 Apr 2002 10:55:54 -0500 (EST) Original-Received: from blackbird.mitre.org (129.83.10.221) by mailhub2.mitre.org with SMTP id 9789363; Thu, 04 Apr 2002 10:55:41 -0500 Original-To: The Gnus Mailing List X-Face: GUaHTH@nS>[7,ME@-gYZ4#Wl{z"99k@[[Y8AcP0x1paqu.,z9,XSV1WI>{q3f6^e5(zrit <4fV&VHhmE`uidRqtmG27;si9&r;#KSF~E#$%W8w(xdp)H4tW=\2XOk~3=@oGqqpj;m4xf Ow;y26396&,34@9#~4;@*S;E0cq"LM9N(us4P%F(Nxis'Vvfm9?KufH;:Q$dMa-QWGLR&K d0`LJZE8xb*>^yN>b]_NcU:E=Zn\1=#/(OS2 In-Reply-To: (Simon Josefsson's message of "Thu, 4 Apr 2002 17:30:21 +0200 (CEST)") Original-Lines: 17 User-Agent: Gnus/5.090006 (Oort Gnus v0.06) XEmacs/21.4 (Common Lisp, sparc-sun-solaris2.7) Precedence: list X-Majordomo: 1.94.jlt7 Xref: main.gmane.org gmane.emacs.gnus.general:44160 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:44160 One thing I found strange in my environment at work is that following the instructions in smime.el for creating the link (openssl verify -noout -hash -in ) creates a hash that works great for verifying a certificate file, but when verifying messages, openssl is trying to find another hash, the generation of which I cannot figure out. I managed to figure it out by trussing an openssl verify session. So end up with two links to my company's root CA file, one for verifying email messages, the other for verifying cert files. Why verify cert files? I've added some stuff to EUDC for grabbing certs from our LDAP server and verify them before saving (well, saving for future use :-) since the server occasionally has a not yet valid cert on it as well as a current cert for some users whose certs are close to expiration and I want to make sure I grab the right one. I haven't managed to integrate this with gnus yet but I'm working on it. -- Dave Goldberg david.goldberg6@verizon.net