Quoting Jan Schneider <[EMAIL PROTECTED]>:
Zitat von "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>:
Jan Schneider wrote:
Zitat von "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>:
When user1 send email signed by certificate issued to user2, IMP
says that email verification is OK, though there should be
warning, I think.
----------
From: [EMAIL PROTECTED] *
To: [EMAIL PROTECTED]
Subject: certificate is not mine!
This message has been digitally signed via S/MIME.
The message has been verified. *Sender: [EMAIL PROTECTED]
The S/MIME certificate of Thawte Freemail Member: View/Save in
your Address Book
Show this HTML in a new window?
-----------
I have certificate issued to [EMAIL PROTECTED], imported it to
vuser1 and send the mail above. Mozilla Thunderbird says that
message signature is valid, but email address listed in sender
certificate is different from address that was used to send this
message.
Is there an option to say IMP to check sender email?
It does that! The verification message clearly shows the
certificate's owner.
Jan.
Yes, it displays owner of cert, but why there is no warning that
message has been sent by other person? Definitely it indicates a
problem if sender's email is different from address in sender's
cerificate.
Not necessarily, a user can send a message on behalf of a larger
entity that owns the cert. Beside that, there is technically no mean
to get a message's sender from a MIME viewer (which is used to
render and verify the signed message) in Horde at the moment.
This will be possible in IMP 5 - the MIME Viewer will have access to
the full MIME message, including headers of the base RFC822 part.
michael
--
___________________________________
Michael Slusarz [EMAIL PROTECTED]
--
IMP mailing list - Join the hunt: http://horde.org/bounties/#imp
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: [EMAIL PROTECTED]
