In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
Some certs are limited in their use to be only for signing, not encryption. Other certs are limited to be used only for encryption, not signing. And others may be used for both.
There's no need to store other people's signature-only certs in moz's DB, since there will be a copy of the relevant signing certs attached to any signed email. The only certs that need to be stored are encryption certs.
Some S/MIME clients (Outlook express for example) have an option to omit the signing certificate from a signed email, presumably to reduce message size.
Steve.
Steve, Thanks for this info. It's food for thought.
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
