Re: TLS + Self Signed Certificate

2011-04-18 Thread Thomas Fernandez
Hello Jernej, On Fri, 8 Apr 2011 18:41:31 +0200 GMT (08/Apr/11, 23:41 PM +0700 GMT), Jernej Simončič wrote: I think I mentioned it before: I added this somehow with the result that no messages could be sent anymore. I had to go through the cert list in TB! and delete the one in question. The

Re: TLS + Self Signed Certificate

2011-04-18 Thread Vilius Šumskas
Sveiki, Monday, April 18, 2011, 6:23:01 PM, you wrote: Hello Jernej, On Fri, 8 Apr 2011 18:41:31 +0200 GMT (08/Apr/11, 23:41 PM +0700 GMT), Jernej Simončič wrote: I think I mentioned it before: I added this somehow with the result that no messages could be sent anymore. I had to go

Re: TLS + Self Signed Certificate

2011-04-18 Thread Thomas Fernandez
Hello Vilius, Tuesday, April 19, 2011, 12:53:03 AM, you wrote: JS That's weird - it certainly worked for me (I recently switched to JS StartSSL for our mail server's certificate, and TB didn't know this JS CA, so I added their certificate). I found out that the cert is wrong. It's in the name

Re: TLS + Self Signed Certificate

2011-04-08 Thread Jernej Simončič
On Thursday, April 7, 2011, 18:33:07, Thomas Fernandez wrote: I think I mentioned it before: I added this somehow with the result that no messages could be sent anymore. I had to go through the cert list in TB! and delete the one in question. The result was that I get asked every time and

Re: TLS + Self Signed Certificate

2011-04-08 Thread Jernej Simončič
On Thursday, April 7, 2011, 18:30:02, Thomas Fernandez wrote: Thanks for correcting me. In fact, I don't sign certificates, my university does and I only click OK each time. Doing that regularly without knowing whether the certificate is really OK, might not be within the philosophy of using

Re: TLS + Self Signed Certificate

2011-04-08 Thread Gunivortus Goos
Hi Jernej, It isn't - but it's not any worse than using an unencrypted connection. OK, but what to do if the other side does not wish to install some encryption? I had to delete mine, because no one of the people I'm exchanging mail with, has de/encryption. The answers I get the most if

Re: TLS + Self Signed Certificate

2011-04-08 Thread Jernej Simončič
On Friday, April 8, 2011, 19:08:14, Gunivortus Goos wrote: OK, but what to do if the other side does not wish to install some encryption? We're not talking about PGP/GPG/S-MIME here - we're talking about encrypted connection between your client and POP3/IMAP/SMTP server (which primarily ensures

Re: TLS + Self Signed Certificate

2011-04-08 Thread Vilius Šumskas
Sveiki, Friday, April 8, 2011, 8:08:14 PM, you wrote: Hi Jernej, It isn't - but it's not any worse than using an unencrypted connection. OK, but what to do if the other side does not wish to install some encryption? I had to delete mine, because no one of the people I'm exchanging mail

Re: TLS + Self Signed Certificate

2011-04-07 Thread Alto Speckhardt
Hi Simon, 1.- Certify endpoints. For this there must be an unbroken certificate chain from a trusted CA down through 0 or more intermediate certificates to the end certificate that is being used. For this purpose Vilius is right, self-signed certificates are no use. Why would that be? For

Re[2]: TLS + Self Signed Certificate

2011-04-07 Thread Simon Martin
Hi Alto, Thursday, April 7, 2011, 4:05:23 AM, you wrote: Hi Simon, snip While not automatic, the endpoint _is_ certified (or at least certifiable) nevertheless using self-signed certificates. You just have to do the checking yourself instead

Re: TLS + Self Signed Certificate

2011-04-07 Thread Thomas Fernandez
Hello Jernej, On Wed, 6 Apr 2011 19:58:22 +0200 GMT (07/Apr/11, 0:58 AM +0700 GMT), Jernej Simončič wrote: I would join the request for the possibility to store an exception for an otherwise invalid certificate just as I can (for example) in Firefox... JS Just import it in Trusted Root CA

Re: TLS + Self Signed Certificate

2011-04-07 Thread Thomas Fernandez
Hello Jernej, On Wed, 6 Apr 2011 20:04:16 +0200 GMT (07/Apr/11, 1:04 AM +0700 GMT), Jernej Simončič wrote: You are right, it does not add security. JS Wrong - your own certificates are the only ones you can actually trust JS (assuming you don't let the private key escape), so they're more JS

TLS + Self Signed Certificate

2011-04-06 Thread Simon Martin
Hi all, I host my own mail server (Courier). Being the cheapskate that I am, I use a self signed certificate for TLS/SSL connections. I am using the internal S/MIME and TLS implementation. I have had different scenarios in different versions

RE: TLS + Self Signed Certificate

2011-04-06 Thread Vilius Šumskas
Hello, Search for VeriSign, Thawte, Comodo. -- Vilius From: tbbeta-boun...@thebat.dutaint.com [mailto:tbbeta-boun...@thebat.dutaint.com] On Behalf Of Simon Martin Sent: 2011 m. balandžio 6 d. 16:05 To: tbbeta@thebat.dutaint.com Subject: TLS + Self Signed Certificate Hi all, I

Re: TLS + Self Signed Certificate

2011-04-06 Thread Jernej Simončič
On Wednesday, April 6, 2011, 15:04:30, Simon Martin wrote: I host my own mail server (Courier). Being the cheapskate that I am, I use a self signed certificate for TLS/SSL connections. I am using the internal S/MIME and TLS implementation. http://www.startssl.com/ offers free SSL

Re[2]: TLS + Self Signed Certificate

2011-04-06 Thread Simon Martin
Hi Vilius Wednesday, April 6, 2011, 8:32:27 AM, you wrote: Hello, Search for VeriSign, Thawte, Comodo. Yes this is an option, however all the other e-mail clients I have tried (Windows Live Mail included) allow me to accept and store

Re: TLS + Self Signed Certificate

2011-04-06 Thread Alto Speckhardt
Hello Simon, I am using the internal S/MIME and TLS implementation. Is there a reason for that? Is there anywhere I can register my certificate to avoid these errors? If you used the standard Windows mechanism, all you have to do is import the root-certificate (the one that had been used

Re: TLS + Self Signed Certificate

2011-04-06 Thread Viktor Kabelac
Hello Vilius, how is that supposed to be helping the original poster? I believe he was asking for a possibility to explicitly mark a certificate as trusted locally. To my knowledge Thawte alia can only issue him an official one, which is not really what

RE: Re[2]: TLS + Self Signed Certificate

2011-04-06 Thread Vilius Šumskas
Please do not use HTML for simple email messages, it is hard to reply inline, and mods are complaining about top posting. What's the point to accept and store self-signed certificate anyway? It adds zero security. This was discussed on this list extensively multiple times, and if you really

Re: TLS + Self Signed Certificate

2011-04-06 Thread Alto Speckhardt
Hi Vilius, What's the point to accept and store self-signed certificate anyway? It's a required function. End of story. It's as simple as that. -- Mit freundlichen Grüßen Alto Speckhardt mailto:alto.speckha...@gmx.de Current beta

RE: TLS + Self Signed Certificate

2011-04-06 Thread Vilius Šumskas
how is that supposed to be helping the original poster? I believe he was asking for a possibility to explicitly mark a certificate as trusted locally. To my knowledge Thawte alia can only issue him an official one, which is not really what he was aiming for. I don't know that. He stated

Re: TLS + Self Signed Certificate

2011-04-06 Thread Thomas Fernandez
Hello Viktor, On Wed, 6 Apr 2011 14:41:53 +0200 GMT (06/Apr/11, 19:41 PM +0700 GMT), Viktor Kabelac wrote: VK I would join the request for the possibility to store an VK exception for an otherwise invalid certificate just as I can (for VK example) in Firefox...having had the same problem in the

Re: TLS + Self Signed Certificate

2011-04-06 Thread Thomas Fernandez
Hello Vilius, On Wed, 6 Apr 2011 17:10:29 +0300 GMT (06/Apr/11, 21:10 PM +0700 GMT), Vilius Šumskas wrote: VŠ What's the point to accept and store self-signed certificate VŠ anyway? It adds zero security. You are right, it does not add security. However, it adds convenience. VŠ This was

Re: Mod: Top posting (was: TLS + Self Signed Certificate)

2011-04-06 Thread Viktor Kabelac
Wow! This is becoming pandemonium! One individual has already been blocked for ignoring moderations on top posting. It is one of the rules we don't let slide because of how badly illegible threads become. Please read the moderation notice properly. Sorry, I didn't quite read the list's rules

RE: TLS + Self Signed Certificate

2011-04-06 Thread Vilius Šumskas
Hello Vilius, On Wed, 6 Apr 2011 17:10:29 +0300 GMT (06/Apr/11, 21:10 PM +0700 GMT), Vilius Šumskas wrote: VŠ What's the point to accept and store self-signed certificate VŠ anyway? It adds zero security. You are right, it does not add security. However, it adds convenience.

Re: TLS + Self Signed Certificate

2011-04-06 Thread Viktor Kabelac
You can do this by using standard plain text connection method. That is hard to do if the server, for example, only supports SSL connections (as is common practice today) and uses self-signed certs for that - and as such just as good as advising someone, who complains that a car lets him put in

Re: TLS + Self Signed Certificate

2011-04-06 Thread Thomas Fernandez
Hello Vilius, On Wed, 6 Apr 2011 18:07:15 +0300 GMT (06/Apr/11, 22:07 PM +0700 GMT), Vilius Šumskas wrote: VŠ What's the point to accept and store self-signed certificate VŠ anyway? It adds zero security. You are right, it does not add security. However, it adds convenience. VŠ

RE: TLS + Self Signed Certificate

2011-04-06 Thread Vilius Šumskas
VŠ What's the point to accept and store self-signed certificate VŠ anyway? It adds zero security. You are right, it does not add security. However, it adds convenience. VŠ Convenience? How? By not having to click OK to accept the cert each time I send a message. I thought that was

RE: TLS + Self Signed Certificate

2011-04-06 Thread Vilius Šumskas
You can do this by using standard plain text connection method. That is hard to do if the server, for example, only supports SSL connections (as is common practice today) and uses self-signed certs for that - and as such just as good as advising someone, who complains that a car lets him put

Re: TLS + Self Signed Certificate

2011-04-06 Thread Thomas Fernandez
Hello Vilius, On Wed, 6 Apr 2011 18:54:50 +0300 GMT (06/Apr/11, 22:54 PM +0700 GMT), Vilius Šumskas wrote: VŠ What's the point to accept and store self-signed certificate VŠ anyway? It adds zero security. You are right, it does not add security. However, it adds convenience. VŠ

Re: TLS + Self Signed Certificate

2011-04-06 Thread Viktor Kabelac
I'm not sure why you think this is a common practice. Sure it was the case like 5 years ago, but now every major webmail provider, bigger Only SSL only was meant to be common practice - not the self-signed certificates. Did I express myself this unclearly? companies and even universities use

Re[2]: TLS + Self Signed Certificate

2011-04-06 Thread Simon Martin
Hi Vilius et al, Wednesday, April 6, 2011, 12:00:16 PM, you wrote: You can do this by using standard plain text connection method. That is hard to do if the server, for example, only supports SSL connections (as is common practice today) and uses self-signed certs for that - and as such

Re: TLS + Self Signed Certificate

2011-04-06 Thread Michal
I have the same problem, in v4 I could add my cert to trusted, now this button is inactive, this will be changed in next release or should I buy new cert? regards ML Wednesday, April 6, 2011, 6:18:49 PM, you wrote: I'm not sure why you think

Re: TLS + Self Signed Certificate

2011-04-06 Thread Vilius Šumskas
Sveiki, Wednesday, April 6, 2011, 8:21:03 PM, you wrote: Hi Vilius et al, Wednesday, April 6, 2011, 12:00:16 PM, you wrote: You can do this by using standard plain text connection method. That is hard to do if the server, for example, only supports SSL connections (as is common practice

Re[2]: TLS + Self Signed Certificate

2011-04-06 Thread Simon Martin
Hi Vilius et al, big snip There are 2 main uses for PKE. 1.- Certify endpoints. For this there must be an unbroken certificate chain from a trusted CA down through 0 or more intermediate certificates to the end certificate that is being used. For this purpose Vilius is right, self-signed

Re: TLS + Self Signed Certificate

2011-04-06 Thread Vilius Šumskas
Sveiki, Wednesday, April 6, 2011, 8:56:31 PM, you wrote: This is what the confirmation dialog does. It says I have this certificate that I don't trust, do you trust it? and also gives the details for the certificate. This means that the user has the control to decide whether or not to trust

Re[2]: TLS + Self Signed Certificate

2011-04-06 Thread Simon Martin
Hi Vilius et al, Wednesday, April 6, 2011, 1:05:46 PM, you wrote: Sveiki, Wednesday, April 6, 2011, 8:56:31 PM, you wrote: This is what the confirmation dialog does. It says I have this certificate that I don't trust, do you trust it? and also gives the details for the

Re: TLS + Self Signed Certificate

2011-04-06 Thread Jernej Simončič
On Wednesday, April 6, 2011, 14:41:53, Viktor Kabelac wrote: I would join the request for the possibility to store an exception for an otherwise invalid certificate just as I can (for example) in Firefox... Just import it in Trusted Root CA in Address book, and it'll work. -- Jernej

Re: TLS + Self Signed Certificate

2011-04-06 Thread Jernej Simončič
On Wednesday, April 6, 2011, 19:21:03, Simon Martin wrote: 1.- Certify endpoints. For this there must be an unbroken certificate chain from a trusted CA down through 0 or more intermediate certificates to the end certificate that is being used. For this purpose Vilius is right, self-signed

Re: TLS + Self Signed Certificate

2011-04-06 Thread Jernej Simončič
On Wednesday, April 6, 2011, 16:21:35, Vilius Šumskas wrote: And I would join opposing side, that it would make The Bat! for average user less safe. No, it wouldn't (besides, it's already supported). Not just that, but if you want to be really safe, you'll delete every CA that's installed by

Re: TLS + Self Signed Certificate

2011-04-06 Thread Jernej Simončič
On Wednesday, April 6, 2011, 16:19:10, Thomas Fernandez wrote: You are right, it does not add security. Wrong - your own certificates are the only ones you can actually trust (assuming you don't let the private key escape), so they're more trustworthy than certificates signed by 3rd party CAs.