Avatar for Username

Caută ajutor

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Află mai multe

How to send encrypted emails - how to obtain the keys from signed emails

  • 2 răspunsuri
  • 0 au această problemă
  • Ultimul răspuns de leosenko

leosenko
leosenko
more options

I ask a person to send me a signed email so that i can send them an encrypted email. How is this process supposed to work in thunderbird? I receive a signed email, what next? Clearly, thunderbird sees the signature but does not add the public key to the contact. This is in contradiction with [page] that states: The standard way of distributing a person's certificate is to send a digitally signed email. If you have received a signed email from your correspondent, click the email to view it. If Thunderbird considers the email's signature and the sender's certificate valid, it will automatically be imported and available when you attempt to encrypt an email to that correspondent using the S/MIME technology. If you don't have a signed email from your correspondent yet, you could ask them to send a digitally signed email to you.

Note that certificates issued by CAs may have a short validity period. Certificates are no longer usable after the validity period has expired. In that case your correspondent will have to obtain a new certificate. Once that happened they will be able to send you a new digitally signed email with a valid certificate.

Organizations that operate an LDAP server may configure their server to store S/MIME certificates. If an LDAP server is configured, Thunderbird may automatically query the LDAP server if it needs to obtain a S/MIME certificate.

To review the list of S/MIME certificates that you already have, you can use Thunderbird's Certificate Manager.

The certificate shows that it is valid, yet, clicking reply gives "key issues" which shows no key available. Similarly, if I sign an email with pgp key and send it, thunderbird sees that it is signed but tells me that i need to obtain public pgp key. So it seems that signatures and encryption are completely unusable.

I ask a person to send me a signed email so that i can send them an encrypted email. How is this process supposed to work in thunderbird? I receive a signed email, what next? Clearly, thunderbird sees the signature but does not add the public key to the contact. This is in contradiction with [[https://support.mozilla.org/en-US/kb/thunderbird-help-cannot-encrypt#w_obtaining-smime-certificates-of-correspondents|this page]] that states: ''The standard way of distributing a person's certificate is to send a digitally signed email. If you have received a signed email from your correspondent, click the email to view it. If Thunderbird considers the email's signature and the sender's certificate valid, it will automatically be imported and available when you attempt to encrypt an email to that correspondent using the S/MIME technology. If you don't have a signed email from your correspondent yet, you could ask them to send a digitally signed email to you. Note that certificates issued by CAs may have a short validity period. Certificates are no longer usable after the validity period has expired. In that case your correspondent will have to obtain a new certificate. Once that happened they will be able to send you a new digitally signed email with a valid certificate. Organizations that operate an LDAP server may configure their server to store S/MIME certificates. If an LDAP server is configured, Thunderbird may automatically query the LDAP server if it needs to obtain a S/MIME certificate. To review the list of S/MIME certificates that you already have, you can use Thunderbird's Certificate Manager. '' The certificate shows that it is valid, yet, clicking reply gives "key issues" which shows no key available. Similarly, if I sign an email with pgp key and send it, thunderbird sees that it is signed but tells me that i need to obtain public pgp key. So it seems that signatures and encryption are completely unusable.
Capturi de ecran atașate

Toate răspunsurile (2)

Matt
Matt
  • Top 25 Contributor
  • Moderator
more options

PGP and s/mime are not interchangeable you have to your one or the other.

Do you have an S/MIME certificate with which to encrypt your message? If not you will also have to have one. a PGP certificate will not do it in this instance.

I have been hearing for more than 20 years how PGP is going to make encryption simple and accessible. I have yet to see anything simple about PGP.

Te-a ajutat?

leosenko
leosenko Deținătorul întrebării
more options

Matt said
PGP and s/mime are not interchangeable you have to your one or the other. Do you have an S/MIME certificate with which to encrypt your message? If not you will also have to have one. a PGP certificate will not do it in this instance. I have been hearing for more than 20 years how PGP is going to make encryption simple and accessible. I have yet to see anything simple about PGP.

I am not sure that i understand what you mean by "Do you have an S/MIME certificate with which to encrypt your message?". I have a signed email from the user to whom I need to send an encrypted email. Signed email (we are not talking only s/mime, not pgp) contains a public key of the user. I should not need anything else to encrypt the message but this public key, specifically, I do not need to have my own s/mime since it is not used at all during the encryption process.

Te-a ajutat?

Adresează o întrebare

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.