From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=DKIM_ADSP_CUSTOM_MED, FORGED_GMAIL_RCVD,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 22454 invoked from network); 2 Nov 2022 09:29:54 -0000 Received: from lists.gnu.org (209.51.188.17) by inbox.vuxu.org with ESMTPUTF8; 2 Nov 2022 09:29:54 -0000 Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oqA44-0001An-TO; Wed, 02 Nov 2022 05:29:40 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oqA43-0001Ab-Ar for info-gnus-english@gnu.org; Wed, 02 Nov 2022 05:29:39 -0400 Received: from ciao.gmane.io ([116.202.254.214]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oqA41-0000Bs-SA for info-gnus-english@gnu.org; Wed, 02 Nov 2022 05:29:39 -0400 Received: from list by ciao.gmane.io with local (Exim 4.92) (envelope-from ) id 1oqA3y-0009pt-TC for info-gnus-english@gnu.org; Wed, 02 Nov 2022 10:29:34 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: info-gnus-english@gnu.org From: Angel de Vicente Subject: Signing a message with S/MIME in Gnus? Date: Wed, 02 Nov 2022 09:29:26 +0000 Message-ID: <871qql9021.fsf@gmail.com> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) Cancel-Lock: sha1:H3yb6AAQlwb5nAeUzAX4vY4W09U= Received-SPF: pass client-ip=116.202.254.214; envelope-from=gegu-info-gnus-english@m.gmane-mx.org; helo=ciao.gmane.io X-Spam_score_int: 3 X-Spam_score: 0.3 X-Spam_bar: / X-Spam_report: (0.3 / 5.0 requ) BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FORGED_GMAIL_RCVD=1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, NML_ADSP_CUSTOM_MED=0.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: info-gnus-english@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Announcements and discussions for GNUS, the GNU Emacs Usenet newsreader \(in English\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "info-gnus-english" Errors-To: info-gnus-english-bounces+ml=inbox.vuxu.org@gnu.org --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello, anyone here familiar with Gnus + S/MIME + gnupg? A few days back I decided to set up my environment to sign messages I send out, and to be able to verify signatures of messages I receive. Doing it with pgp was quite easy, and got it working in no time, but S/MIME is giving me a real headache, most probably because I'm misunderstanding something or because I lack some basic knowledge on how certificates are meant to be used. I imported my certificate with 'gpgsm --import ' and "gpgsm =2DK" shows that the certificate got imported correctly: ,---- | $ gpgsm -K | /home/angelv/.gnupg/pubring.kbx | ------------------------------- | ID: 0xFD3C585C | S/N: 07A6ED8580BD2114605C7B37AB7B8919 | (dec): 10171334757275596790721797340316535065 | Issuer: /CN=3DAC FNMT Usuarios/OU=3DCeres/O=3DFNMT-RCM/C=3DES | Subject: /CN=3DDE VICENTE GARRIDO ANGEL MANUEL - .... `---- My ~/.gnupg/gpgsm.con just contains: ,---- | disable-crl-checks `---- and with that, I can sign a file in the command line without problems: ,---- | $ gpgsm --sign test.txt >ciphertext | gpgsm: Note: non-critical certificate policy not allowed | gpgsm: Note: non-critical certificate policy not allowed | gpgsm: Note: non-critical certificate policy not allowed | gpgsm: CRLs not checked due to --disable-crl-checks option | gpgsm: DBG: adding certificates at level -2 | gpgsm: signature created `---- But when I try to sign a message from Gnus I always get a message saying "No sign key for ; skip it? (y or n)" What do I have to configure in Emacs/Gnus so that it will know that my e-mail address is linked to the same certificate used in the command line? By the way, I'm using the following: ,---- | ArchLinux | Emacs version: 28.2 (2022-09-12) | Gnus version: 5.13 | GnuPG version: 2.2.40 `---- Any pointers/help greatly appreciated =2D-=20 =C3=81ngel de Vicente -- (GPG: 0x64D9FDAE7CD5E939) Research Software Engineer (Supercomputing and BigData) Instituto de Astrof=C3=ADsica de Canarias (https://www.iac.es/en) --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQHUBAEBCAA+FiEEGQyM5qDLpMcIDuMKZNn9rnzV6TkFAmNiOHYgHGFuZ2VsLnZp Y2VudGUuZ2Fycmlkb0BnbWFpbC5jb20ACgkQZNn9rnzV6TmEFQwAm13pZQojObNH 9Y6LZiB4kCObFhXpHgN14B2DTAl3pv9EmnTLlwcB0IXw507jheQjcbaqjKGDcGpg NSzMvp9XyrE+rN5yyYstqPDk9tU5NgwsQxueb5vBMVvKk8w6T0IMEA5SSQ07Zg4y dHSd0+jjlAopcVn4Tq5vHaYMQj/EArbmHW27Fvr+58uD1l91w3k25Osugj/kMFzy ADjGUgmOHSBjuI0Q4Z2E1EAdO80VsW7gluicQrofokfB3JyNFQnlO0YZX7Oi6L1J 9bT9G0vEVaU0DVykHurFQwcNY/2peJhFD5HbDwtvssETD6vrNlJOchpDD5fqhQTE ubHUwi4ishjnZuNKXC8hJvpul1oBk+sWMlhdLCm73QeB3v4KZLDemnq/oZyzht9N lOfPcrtMmmhDpU1BctdoGec255AktOOaBg4FkN9aWnZAvQdu+PGzq17wTbPfNFY9 LaUSavq6IT0YG/ui2hWxk11Had+C56NJkVXZR5ht+JaBWh+u3DyZ =MSgT -----END PGP SIGNATURE----- --=-=-=--