From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=DKIM_ADSP_CUSTOM_MED, FORGED_GMAIL_RCVD,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 20719 invoked from network); 3 Nov 2022 07:21:56 -0000 Received: from lists.gnu.org (209.51.188.17) by inbox.vuxu.org with ESMTPUTF8; 3 Nov 2022 07:21:56 -0000 Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oqUXd-000114-Lu; Thu, 03 Nov 2022 03:21:33 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oqUXc-00010M-3h for info-gnus-english@gnu.org; Thu, 03 Nov 2022 03:21:32 -0400 Received: from ciao.gmane.io ([116.202.254.214]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oqUXa-0008Jz-Dl for info-gnus-english@gnu.org; Thu, 03 Nov 2022 03:21:31 -0400 Received: from list by ciao.gmane.io with local (Exim 4.92) (envelope-from ) id 1oqUXW-00032T-Ub for info-gnus-english@gnu.org; Thu, 03 Nov 2022 08:21:26 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: info-gnus-english@gnu.org From: Angel de Vicente Subject: Re: Signing a message with S/MIME in Gnus? Date: Thu, 03 Nov 2022 07:21:04 +0000 Message-ID: <87tu3gy04f.fsf@gmail.com> References: <871qql9021.fsf@gmail.com> <87r0yl41ie.fsf@informationelle-selbstbestimmung-im-internet.de> <87leotw05b.fsf@gmail.com> <87y1ss1pls.fsf@informationelle-selbstbestimmung-im-internet.de> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) Cancel-Lock: sha1:ZyphJWGjjIdpSfi8Ke1s9N0zY5I= Received-SPF: pass client-ip=116.202.254.214; envelope-from=gegu-info-gnus-english@m.gmane-mx.org; helo=ciao.gmane.io X-Spam_score_int: 3 X-Spam_score: 0.3 X-Spam_bar: / X-Spam_report: (0.3 / 5.0 requ) BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FORGED_GMAIL_RCVD=1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, NML_ADSP_CUSTOM_MED=0.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: info-gnus-english@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Announcements and discussions for GNUS, the GNU Emacs Usenet newsreader \(in English\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "info-gnus-english" Errors-To: info-gnus-english-bounces+ml=inbox.vuxu.org@gnu.org --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello, Jens Lechtenboerger writes: > There is. Before coming to that, please reconsider for what you > ask: Alice sends a message to Bob, but the message is signed by > Mallory. What is Bob supposed to do with this? Yes, I realized after I sent the message that this was going to be confusing. I managed to do it by setting 'mml-secure-smime-sign-with-sender' to nil, so that I could then choose the certificate, but Gmail (for example) complains about the mail address in the certificate not being the same as the "From" address, so probably not a good idea in general. > IMO, the signature should really match the sender=E2=80=99s FROM address. > Maybe you can ask your CA to include your other e-mail addresses as > well? Or switch to GnuPG for your other e-mail addresses, where you > are in control and not some CA (which Bob probably does neither know > nor trust anyways)? See [1] for more information. So, I was actually thinking of going for the second option: use SMIME when I send from the address in the certificate, and use PGP when sending from this gmail address. But now I need to figure out how to tell Gnus to do that. Right now I have the following, which makes sure that by default I will be always signing with SMIME. Do you know if there is an easy way to set these depending on the "From" address? ,---- | (add-hook 'gnus-message-setup-hook 'mml-secure-message-sign-smime) | (setq mml-secure-method "smime") `---- Cheers, =2D-=20 =C3=81ngel de Vicente -- (GPG: 0x64D9FDAE7CD5E939) Research Software Engineer (Supercomputing and BigData) Instituto de Astrof=C3=ADsica de Canarias (https://www.iac.es/en) --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQHUBAEBCAA+FiEEGQyM5qDLpMcIDuMKZNn9rnzV6TkFAmNja+cgHGFuZ2VsLnZp Y2VudGUuZ2Fycmlkb0BnbWFpbC5jb20ACgkQZNn9rnzV6TkqJQwAlIzFs8olHE7L cmG5vvGAtxcaNg3z+PiLNnxfBc1PYGBDPfHG9XJIpQGqqYMSGHlWizquv8MAPN4S wnGlSgksi85rMqZQQYQWrXrhZUid5Sg/kFavXYK6238FUwP0EyGG8lu+wh9t7XIR I8USulfgMbt60CizahCAPoXvcSgnqwZkMsHbvkISCEIh01r0hOL8x9hkqB1vRwWj +VcqDqDwrHJvg3BgJzT+9HaYyZgpZwkCP902RLxjcUcCLSJi5M1TP5uvv3yzgzbh U5wee77Hx5Zd5lYL3zMpuPzNp7IY7LhfpkAm9NInUBp45qrwNVjhrnyL1OBWRbTZ bnaZv8mwXr/lk65jsxFjleHGNrCPsSnkpIu+6bs1BEP/NKXTl8NgapoIBEboltqx kH6Sldgb4tvkeOujoHbJeipv1iTEanjgAx8HkAWYtu+LwDKpg/OfduRXY6mgHEVG AV08CtoGEUZJebk4gD4tcEWfC2TkWoWDVUtf4VvPdVf8+Qu26aOS =XtrO -----END PGP SIGNATURE----- --=-=-=--