From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/86210 Path: news.gmane.org!not-for-mail From: Greg Troxel Newsgroups: gmane.emacs.gnus.general Subject: S/MIME verification, marking of encryped Date: Wed, 07 Oct 2015 13:23:17 -0400 Message-ID: NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature" X-Trace: ger.gmane.org 1444238705 13731 80.91.229.3 (7 Oct 2015 17:25:05 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Wed, 7 Oct 2015 17:25:05 +0000 (UTC) To: ding@gnus.org Original-X-From: ding-owner+M34444@lists.math.uh.edu Wed Oct 07 19:24:55 2015 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from lists1.math.uh.edu ([129.7.128.208]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1ZjsSU-0003Ld-0J for ding-account@gmane.org; Wed, 07 Oct 2015 19:24:54 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by lists1.math.uh.edu with smtp (Exim 4.85) (envelope-from ) id 1ZjsRM-0001Ul-C2; Wed, 07 Oct 2015 12:23:44 -0500 Original-Received: from mx2.math.uh.edu ([129.7.128.33]) by lists1.math.uh.edu with esmtps (TLSv1.2:AES128-GCM-SHA256:128) (Exim 4.85) (envelope-from ) id 1ZjsRJ-0001UQ-0b for ding@lists.math.uh.edu; Wed, 07 Oct 2015 12:23:41 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx2.math.uh.edu with esmtps (TLSv1.2:DHE-RSA-AES128-SHA:128) (Exim 4.85) (envelope-from ) id 1ZjsRH-0007mY-Gh for ding@lists.math.uh.edu; Wed, 07 Oct 2015 12:23:40 -0500 Original-Received: from linuxpal.mit.edu ([18.62.1.14]) by quimby.gnus.org with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1ZjsRF-0003sf-Np for ding@gnus.org; Wed, 07 Oct 2015 19:23:38 +0200 Original-Received: by linuxpal.mit.edu (Postfix, from userid 9545) id 3304C16078; Wed, 7 Oct 2015 13:23:22 -0400 (EDT) OpenPGP: id=098ED60E User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3 (berkeley-unix) X-Spam-Score: -4.9 (----) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:86210 Archived-At: --=-=-= Content-Type: text/plain (First, thanks to everyone who has worked on gnus. I haven't updated for a while and have been running from old git in late 2013 (because it worked). I am trying to get S/MIME going and updated to the m0-13 tag. I did not notice any trouble, which is great!) I'm a longtime epg user with gnupg (coming from mailcrypt and then pgg), and generally it works well. I am now trying to get set up with S/MIME to interact with some people who do encrypted mail that way, and finding it harder than it seems I should. Part of my problem is the mysterious "No CA configured" error. That seems to come from smime.el, but I've tried to configure the use of epg and thus gpgsm, and that seems to actually work. Specific questions: 0) I put in .emacs: (setq mml-smime-use 'epg) Is that sufficient and appropriate to make gnus use epg/gpgsm for S/MIME? 1) What is the thinking on the default for smime between epg/gpgsm and openssl? It seems to me that gpgsm is set up for passphrases and also to mark keys/CAs trusted or not in a more flexible manner, so that seems preferred. But Simon wrote smime.el, so I don't want to jump to conclusions. 2) Are people sure that there are no control flow leaks into the openssl code when epg is configured? I am set up for gpgsm, and verifying messages that are from myself and signed or signed and encrypted seems to work. Verifying a message that is encrypted but not signed from someone else gives the "No CA configured" error. However, while doing this, I see that gpgsm was run and openssl was not (from atimes on the binaries). 3) When verifying openpgp/mime, I am notified of decryption status as well as signatures, so that I know the message was encrypted. I don't see any hint of this with epg/gpgsm. Any advice, other than figure it out and send a patch? Thanks, Greg --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlYVVQUACgkQH9p66AmO1g79AQCfSkFD8o8kwGFlh1Vu8TFdZc/5 JGUAmgJRrTrPyT5rAq4UbjPoFGFTHeZR =wmfF -----END PGP SIGNATURE----- --=-=-=--