[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensuse-factory
Subject:    Re: [opensuse-factory] Kmail and SMime (Was: Need to click twice on shutdown to power-off TW)
From:       stakanov <stakanov () eclipso ! eu>
Date:       2017-09-30 7:25:26
Message-ID: 5463759.hPoRRRvFP8 () roadrunner
[Download RAW message or body]

In data sabato 30 settembre 2017 09:06:10 CEST, Tom Hardy ha scritto:
> On Saturday, 30 September 2017 00:08:32 CDT stakanov wrote:
> > He did an
> > "P.S. S/MIME testing" (as he quoted at the end of message)
> > When an S/MIME message arrives, you may or may not want to trust the
> > issuing authority (which is one of the weaknesses of s/mime vs gpg, you
> > need to trust an authority. But then, it is a very well known way to
> > encrypt in business. In this case it was commodo. Do you use kleopatra?
> > It may be the programm that issued the demand. And no, I do not think it
> > is something strange, the average user should be able to understand the
> > value of such a question. Maybe a better definition of which programm
> > opens this would be better.
> 
> I've got Kgpg running (maybe I should change that), but I thought it was
> Kmail that issued the request.  That's one of the problems--the issuing
> program and the reason for the request isn't identified--and I feel
> uncomfortable extending trust without knowing the party and dotting all the
> i's.  I'm just carrying that lack of trust forward to certificate
> authorities.  I should say I don't have knowlege of gpg usage reduced to
> muscle memory, I just use it once in a while.
> 
> There is another, more common circumstance where Kmail (If it's Kmail) makes
> ambiguous requests for trust, when it tries to make a secure connection
> through a captive portal with a certificate.  There, the answer is clearly
> no.
> 
> But what is the average user to do?   Just trust any party to come along
> without a clue what is going on, in an attempt to make things work?
> 
> I think the dialog should at least identify who is making the request.  It
> could be Kmail, or it could be Firefox, or it could be NetworkManager....

I agree that the issuing programm should be clearly understandable. For the 
problem itself, you may go to kmail, configuration, security (on in Kontact: 
settings, kmail-configuration, security. 
There check the settings for certificates in the last tag "s/mime". If you 
deactivate the automatic import of certificates, you should avoid the issue. 
(Although I think you know all that, in this case please have patience and 
forgive me the redundancy of this answer.). 



-- 
To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

[prev in list] [next in list] [prev in thread] [next in thread]