the _Digital Certificates_ book has a summary of Netscape Messenger
security settings ca. 1999; i don't think they've changed that much.
Sending (checkboxes):
Encrypt mail when possible
Sign mail when possible
Sign usenet news when possible
Certificate to use (dropdown)
Send Certificate to Directory (this is for pushing certs out to public
directories of one kind or another)
Advanced S/MIME Config
Select Ciphers
(here we need to provide options for RC2-40 (yeecchh) for S/MIME v2
compatibility and for 3DES for S/MIME v3 compatibility, with a
default of 3DES i should think.)
as far as certificates go, if folks attach the certificate chains to
signed messages (common practice), then you can collect them and attach
them to address book entries.
in terms of what you will see in inbound S/MIME, an encrypted message will
look more-or-less like the following; there will be a text/plain section
inside the CMS encapsulated text.
outside of the encrypted section:
Content-Type: application/pkcs7-mime; smime-type=enveloped-data
and inside:
Content-Type: text/plain
in theory you may see signed messages like this except for
smime-type=signed-data, but this will be rare, as such messages can't be
read by non S/MIME capable clients. instead, standard practice for signed
messages is
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
micalg=sha1; boundary=boundaryYYY
--boundaryYYY
Content-Type: text/plain
text of message
--boundaryYYY
Content-Type: application/pkcs7-signature
Content-Transfer-Encoding: base64
signature here
--boundaryYYY--
richard
--
Richard Welty [EMAIL PROTECTED]
Averill Park Networking 518-573-7592
Unix, Linux, IP Network Engineering, Security
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Two, two, TWO treats in one.
http://thinkgeek.com/sf
_______________________________________________
Mahogany-Developers mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/mahogany-developers
