Re: [Evolution] How to deal with S/MIME signature where address differs from from address

On Sun, 2016-03-06 at 18:23 +0000, Pete Biggs wrote:

the signature doesn't have much to do with the message headers,
with the From; evo shows at the very bottom who signed it.
Thinking about it, I find this strange, and actually would like to
notified if the signature address differs from the From address.

Maybe I do not understand the idea behind it, so I wanted to ask
for the reasoning behind the current implementation.
S/MIME certificates can be created by anyone for any email address
the public key for the certificate is included with every message.
such they are not designed to, and can not, verify the sender. The
sender, if they so wish can create a new certificate for every email
they send.  In fact in Evolution I can select any S/MIME certificate
with any email address (and I have a few) to sign a message, the
addresses don't have to match up - it's usual that they do match, but
they don't have to.

S/MIME certificates are designed for encryption and to verify that
the contents of a message haven't been altered in transmission.

Also that the sender is in possession of the private key, i.e. has
signed the message. However (for example) an assistant might send a
message signed by a supervisor, in which case the sender's address
would probably not match the signature. (Actually there are email
protocols for the assistant to send mail on behalf of the boss, or
indeed on behalf of a group of people, but they are rarely used).


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]