Re: [CentOS] [OT] Where to buy S/MIME ??

[Sorin Srbu]

> -Original Message-
> From: CentOS  On Behalf Of Alexander Dalloz
> Sent: den 25 november 2018 17:37
> To: centos@centos.org
> Subject: Re: [CentOS] [OT] Where to buy S/MIME ??
> 
> Letsencrypt does not sign certificates for use with S/MIME.
> 
> Alexander


Ah. Thanks.

--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT] Where to buy S/MIME ??

[Sorin Srbu]

> -Original Message-
> From: CentOS  On Behalf Of Alice Wonder
> Sent: den 25 november 2018 14:35
> To: CentOS mailing list 
> Subject: [CentOS] [OT] Where to buy S/MIME ??
> 
> Hi, I'm getting increasingly paranoid.
> 
> Something I said on a certain social media site several months ago was
> modified - then reported - then by account was banned until I agreed to
> delete it.
> 
> Obviously since what I said was modified I didn't have any issue with
> deleting it but I want more than just DKIM sigs on my e-mail now.
> 
> Anyway looking for S/MIME I can use to sign and/or encrypt but mostly
> sign. Not interested in GnuPG or self-signed S/MIME - I want something
> that can be trusted because someone else that is trusted actually
> vouched for me.
> 
> The "free for personal" S/MIME from Comodo didn't work. Browser said it
> did but there was nothing to export for me to then import. I suspect it
> is because I used private browser window, I really don't like the idea
> of a private key stored in browser anyway. And it never asked for a
> password to encrypt the private key, nor let me specify key strength
> (only let me choose between medium and high - I assume high is 4096 but
> I don't know, it didn't say)
> 
> Didn't like the "browser generated" process, even if it had worked and
> generated the final product I could export - I really didn't like the
> process and have serious questions about the wisdom of a private key
> without a pass phrase stored in an application that interacts with web
> sites.
> 
> Anyway so used openssl to create private key (with aes-256 encryption
> and pass phrase) and then a CSR.
> 
> But I can't find anyone who sells certs for S/MIME to send the CSR too.
> 
> Globalsign but they wanted $89 - no one else.
> 
> Found a few sites that offered to "send me a quote" that I think were
> intended for corporate accounts.
> 
> Where do regular users who just want an inexpensive certificate usable
> for S/MIME from a CSR generated the traditional way go to buy a cert?

Would letsencrypt.org work for you?
I use them for my web sites, but unsure if you can do s/mime with them.

It's free, and trusted/sponsored by loads of big muckamucks according to
their web site.
--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] digital signature equipment

[Gregory P. Ennis]

Date: Sun, 25 Nov 2018 16:26:58 -0600

On Sun, 25 Nov 2018 16:04:23 -0600
Gregory P. Ennis wrote:

> Yes, that is what I am looking for.  I can certainly use a wacom board with
> gimp, but I was looking for a more automated process that will be performed
> by end users, and was hoping that someone on the list had crossed that bridge
> before.

Without doing a lot of research into exactly how to make this work, I suspect 
that you can
do what you want here using  a wacom tablet and something gthumb to capture the 
image, then
a bit of bash scripting to glue what you got from that into your pdf using 
pdftk (since
you're already doing that).

Since you don't need to actually see the image on-screen, but rather just glue 
it into the
pdf, you might be able to pull it directly from xf86-input-wacom, too.

There's something to get you started, anyway.
-

Thanks Frank

Greg

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] digital signature equipment

[Frank Cox]

On Sun, 25 Nov 2018 16:04:23 -0600
Gregory P. Ennis wrote:

> Yes, that is what I am looking for.  I can certainly use a wacom board with
> gimp, but I was looking for a more automated process that will be performed
> by end users, and was hoping that someone on the list had crossed that bridge
> before.

Without doing a lot of research into exactly how to make this work, I suspect 
that you can do what you want here using  a wacom tablet and something gthumb 
to capture the image, then a bit of bash scripting to glue what you got from 
that into your pdf using pdftk (since you're already doing that).

Since you don't need to actually see the image on-screen, but rather just glue 
it into the pdf, you might be able to pull it directly from xf86-input-wacom, 
too.

There's something to get you started, anyway.

-- 
MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] digital signature equipment

[Gregory P. Ennis]

On Sun, 25 Nov 2018 12:41:16 -0600
Gregory P. Ennis wrote:

>  topaz pieces of equipment called 'signature pads' 

So the question that you're really attempting to ask is, "How can I obtain a 
linux-
compatible signature pad".

That's something that I've never gone looking for since the subject has never 
come up with
the stuff that I do, but it seems to me that a signature pad is merely a 
small-format
drawing tablet and that's a very old technology.  (There was a drawing tablet 
available for
the Commodore 64.)

So perhaps instead of looking for a "signature pad" what you really want is 
just a small
drawing tablet like a Wacom for which linux drivers come built-in with Centos. 


Frank,

Thanks for your responses

Yes, that is what I am looking for.  I can certainly use a wacom board with 
gimp, but I was
looking for a more automated process that will be performed by end users, and 
was hoping
that someone on the list had crossed that bridge before.

Greg
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] digital signature equipment

[Frank Cox]

On Sun, 25 Nov 2018 12:41:16 -0600
Gregory P. Ennis wrote:

>  topaz pieces of equipment called 'signature pads' 

So the question that you're really attempting to ask is, "How can I obtain a 
linux-compatible signature pad".

That's something that I've never gone looking for since the subject has never 
come up with the stuff that I do, but it seems to me that a signature pad is 
merely a small-format drawing tablet and that's a very old technology.  (There 
was a drawing tablet available for the Commodore 64.)

So perhaps instead of looking for a "signature pad" what you really want is 
just a small drawing tablet like a Wacom for which linux drivers come built-in 
with Centos. 

-- 
MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] digital signature equipment

[Gregory P. Ennis]

On Sun, 25 Nov 2018 10:34:13 -0600
Gregory P. Ennis wrote:

> I have an application that I need to acquire, store and merge to a pdf file a
> digital signature from a client. 

Define your workflow in more detail.

If you're still working on adding digitized images of actual physical 
signatures to a pdf
file, then imagemagick can very likely do what you want it to do.  One of its 
capabilities
is finding an image within another image which you can then extract or otherwise
manipulate.
---
Frank,

Thanks for your help.  I am ok with the use of pdftk in merging a digital image 
to a pdf
file.  The process that I am having problems solving now is acquiring an image 
'on the
fly'.  There are two work flow categories of signature images that I am needing 
to work
with. I have solved the problem with the first category but not the second.  
The first
category relates to signature images that I can acquire from any copier/scanner 
and then
use gimp to extract the image and then create a jpg file that I can use over 
and over
again.  The second category of image is one that has to be collected at the 
time of a
purchase event.  Using a copier/scanner for this latter process will not really 
work so I
am looking for equipment that will acquire the image and then allow me to 
create a usable
image to merge with the pdf form file with the use of imagemagick or pdftk.

When I researched the topaz pieces of equipment called 'signature pads' they 
appear to have
a proprietary file type.  I contacted their support services, and learned that 
they do have
the ability to convert the image to jpg or other formats, but this requires 
some software
that they will apparently allow the use of with a non-disclosure agreement 
only.  There
appears to be many signature pads that work with Microsoft systems.   I decided 
to post the
question here to see if I could glean how others of resolved this  kind of 
problem with
Centos linux systems.

Hope this fills in the blanks a little.

Greg
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] digital signature equipment

[Frank Cox]

On Sun, 25 Nov 2018 10:34:13 -0600
Gregory P. Ennis wrote:

> I have an application that I need to acquire, store and merge to a pdf file a
> digital signature from a client. 

Define your workflow in more detail.

If you're still working on adding digitized images of actual physical 
signatures to a pdf file, then imagemagick can very likely do what you want it 
to do.  One of its capabilities is finding an image within another image which 
you can then extract or otherwise manipulate.

-- 
MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT] Where to buy S/MIME ??

[Alexander Dalloz]

Am 25.11.2018 um 17:26 schrieb Alfred von Campe:



On Nov 25, 2018, at 8:35, Alice Wonder  wrote:

Where do regular users who just want an inexpensive certificate usable for 
S/MIME from a CSR generated the traditional way go to buy a cert?


Have you looked at https://letsencrypt.org? 

Alfred


Letsencrypt does not sign certificates for use with S/MIME.

Alexander


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] digital signature equipment

[Gregory P. Ennis]

Everyone,

I apologize if this is off topic for this list!

I have an application that I need to acquire, store and merge to a pdf file a 
digital
signature from a client.   What favorite equipment do some of you use to do 
this.

I contacted the topaz systems support team, and they advised me their equipment 
produced a
proprietary file type, and required me to sign a non-disclosure agreement to do 
what I was
asking to do.  I indicated I was willing to proceed, but I have not been able 
to get them
to communicate in follow up.  probably related to the holidays.

I will be using Centos 7.5 Desktop units to acquire the images and send the 
images to a
Centos 7.5 server that will do the storage, and merging work.  I have been able 
to use
pdftk to merge previously obtained signatures, but I have not been able to find 
a piece of
equipment that I can use to acquire signatures on the fly and merge them easily 
to a pdf
form file.  

Any suggestions would be appreciated

Greg Ennis

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT] Where to buy S/MIME ??

[Alfred von Campe]

> On Nov 25, 2018, at 8:35, Alice Wonder  wrote:
> 
> Where do regular users who just want an inexpensive certificate usable for 
> S/MIME from a CSR generated the traditional way go to buy a cert?

Have you looked at https://letsencrypt.org? 

Alfred
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT] Where to buy S/MIME ??

[Rainer Duffner]

> Am 25.11.2018 um 14:35 schrieb Alice Wonder :
> 
> Hi, I'm getting increasingly paranoid.
> 
> Something I said on a certain social media site several months ago was 
> modified - then reported - then by account was banned until I agreed to 
> delete it.
> 
> Obviously since what I said was modified I didn't have any issue with 
> deleting it but I want more than just DKIM sigs on my e-mail now.
> 
> Anyway looking for S/MIME I can use to sign and/or encrypt but mostly sign. 
> Not interested in GnuPG or self-signed S/MIME - I want something that can be 
> trusted because someone else that is trusted actually vouched for me.
> 
> The "free for personal" S/MIME from Comodo didn't work. Browser said it did 
> but there was nothing to export for me to then import. I suspect it is 
> because I used private browser window, I really don't like the idea of a 
> private key stored in browser anyway. And it never asked for a password to 
> encrypt the private key, nor let me specify key strength (only let me choose 
> between medium and high - I assume high is 4096 but I don't know, it didn't 
> say)
> 
> Didn't like the "browser generated" process, even if it had worked and 
> generated the final product I could export - I really didn't like the process 
> and have serious questions about the wisdom of a private key without a pass 
> phrase stored in an application that interacts with web sites.
> 
> Anyway so used openssl to create private key (with aes-256 encryption and 
> pass phrase) and then a CSR.
> 
> But I can't find anyone who sells certs for S/MIME to send the CSR too.
> 
> Globalsign but they wanted $89 - no one else.
> 
> Found a few sites that offered to "send me a quote" that I think were 
> intended for corporate accounts.
> 
> Where do regular users who just want an inexpensive certificate usable for 
> S/MIME from a CSR generated the traditional way go to buy a cert?
> 
> -=-
> 
> Off Topic 2
> 
> I'm going to strangle whoever it is at Google that thinks it is a good idea 
> to put so many video results at the top of search results for this kind of 
> thing. I'm really getting sick of how highly ranked videos now are in search 
> engines.
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



Good question.

Usually, these are more targeted towards businesses, ordering a number of 
client-certificates (not just one or two).

Do you have a business (your website looks like a business)?

Here in Switzerland, we use QuoVadis for these certificates (and the normal 
ones). I’m not sure if they provide service to US citizens.

I suggest you consider subscribing to ProtonMail, if nothing else comes 
forwards.

They’ve got a „2 years for 1“ special up for another couple of hours.



Best Regards
Rainer



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] [OT] Where to buy S/MIME ??

[Alice Wonder]

Hi, I'm getting increasingly paranoid.

Something I said on a certain social media site several months ago was 
modified - then reported - then by account was banned until I agreed to 
delete it.


Obviously since what I said was modified I didn't have any issue with 
deleting it but I want more than just DKIM sigs on my e-mail now.


Anyway looking for S/MIME I can use to sign and/or encrypt but mostly 
sign. Not interested in GnuPG or self-signed S/MIME - I want something 
that can be trusted because someone else that is trusted actually 
vouched for me.


The "free for personal" S/MIME from Comodo didn't work. Browser said it 
did but there was nothing to export for me to then import. I suspect it 
is because I used private browser window, I really don't like the idea 
of a private key stored in browser anyway. And it never asked for a 
password to encrypt the private key, nor let me specify key strength 
(only let me choose between medium and high - I assume high is 4096 but 
I don't know, it didn't say)


Didn't like the "browser generated" process, even if it had worked and 
generated the final product I could export - I really didn't like the 
process and have serious questions about the wisdom of a private key 
without a pass phrase stored in an application that interacts with web 
sites.


Anyway so used openssl to create private key (with aes-256 encryption 
and pass phrase) and then a CSR.


But I can't find anyone who sells certs for S/MIME to send the CSR too.

Globalsign but they wanted $89 - no one else.

Found a few sites that offered to "send me a quote" that I think were 
intended for corporate accounts.


Where do regular users who just want an inexpensive certificate usable 
for S/MIME from a CSR generated the traditional way go to buy a cert?


-=-

Off Topic 2

I'm going to strangle whoever it is at Google that thinks it is a good 
idea to put so many video results at the top of search results for this 
kind of thing. I'm really getting sick of how highly ranked videos now 
are in search engines.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos