We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

End-to-end encryption issue...

  • 2 个回答
  • 1 人有此问题
  • 1 次查看
  • 最后回复者为 christ1

more options

I have updated two e-mail clients to V.78. Both under OS-X.

On the first I created a PGP certificate for one e-mail account and saved that. E-mails show the certificate attached with Open PGP. That worked just great.

On a mobile device I can see that certificate signed using Open PGP for encryption (obviously requiring PK exchange before encryption can take place).

On the other mac, previously equipped with several CACert Identity verification certificates for a number of accounts, I have installed the certificate exported from the first machine on its mirror account - that verifies ok - this is not a certificate import/export problem. BUT the account will not send using PGP. It defaults to S/MIME and then complains that the CACert ID certificate is non-existent or expired - in fact it was expired and was deleted months ago and so is now non-existent.

Note that on this second machine there are 5 or 6 accounts, three of which have CACert ID certificates but the account which I was working on with the PGP certificate is no longer covered by a CACert ID certificate although it was previously so covered.

Is there a way to force Thurderbird to just stick with the PGP encryption certificate and to not try to find a non-existent CACert ID certificate for this account (or at all)?

Best regards,

Ian Beeby

I have updated two e-mail clients to V.78. Both under OS-X. On the first I created a PGP certificate for one e-mail account and saved that. E-mails show the certificate attached with Open PGP. That worked just great. On a mobile device I can see that certificate signed using Open PGP for encryption (obviously requiring PK exchange before encryption can take place). On the other mac, previously equipped with several CACert Identity verification certificates for a number of accounts, I have installed the certificate exported from the first machine on its mirror account - that verifies ok - this is not a certificate import/export problem. BUT the account will not send using PGP. It defaults to S/MIME and then complains that the CACert ID certificate is non-existent or expired - in fact it was expired and was deleted months ago and so is now non-existent. Note that on this second machine there are 5 or 6 accounts, three of which have CACert ID certificates but the account which I was working on with the PGP certificate is no longer covered by a CACert ID certificate although it was previously so covered. Is there a way to force Thurderbird to just stick with the PGP encryption certificate and to not try to find a non-existent CACert ID certificate for this account (or at all)? Best regards, Ian Beeby

被采纳的解决方案

RESOLVED - The issue was that there was a residual record that I had a key for that account:

Tools-> Account Settings -> End-to-end Encryption -> Manage S/MIME Certificates

Then find the name/e-mail address and delete the certificate authority for that account. The e-mail address you are looking for is the one which you now seek to protect with the PGP certificate.

Ian

定位到答案原位置 👍 0

所有回复 (2)

more options

选择的解决方案

RESOLVED - The issue was that there was a residual record that I had a key for that account:

Tools-> Account Settings -> End-to-end Encryption -> Manage S/MIME Certificates

Then find the name/e-mail address and delete the certificate authority for that account. The e-mail address you are looking for is the one which you now seek to protect with the PGP certificate.

Ian

more options
On the other mac ... I have installed the certificate exported from the first machine on its mirror account

When exporting the key on the first machine, did you include the private key?

BUT the account will not send using PGP. It defaults to S/MIME

In a Write window, from the Security drop-down menu in the Composition Toolbar you can select which Encryption Technology to use - OpenPGP or S/MIME.

You can also select which one shall be preferred, if both, OpenPGP, and S/MIME is set up for the account. That's underneath End-To-End Encryption in the Account Settings for the particular account.