Re: [Evolution] Evolution/GPG



On Mon, 2016-02-22 at 09:22 +0000, Pete Biggs wrote:

the "Microsoft Infrastructure" uses S/MIME by default, which sends
certificates.

Yes - S/MIME works by a "Trusted Third Party" issuing signed Email
Certificates. The only verification done by someone like Comodo when
they issue personal certificates is that the certificate is sent to
the email address specified.  The advantage of S/MIME is that you do
not need to have verified knowledge of the sender's public key in
order to verify the email - the public key is sent with the message
and you trust the party that signed the key that it belongs to the
person you think it does.  The disadvantage is that you put all your
trust into a third party - it is not unknown for the signing keys
from these "trusted" bodies to go astray and to be abused or that
someone has managed to acquire a signed key for a random email
address.

There have also been cases of the Certificate Authority (CA) issuing
genuine certificates to imposters. A famous case of Verisign giving out
several Microsoft certs a few years ago comes to mind. Such certs are
normally revoked when discovered, but revoking is another can of worms
in itself and doesn't work all that well.

poc

