Richard Hall wrote:
> It seems that I should be able to send an encrypted mail to someone as > long as their public key is available in my ldap server. > > I have 'my' prv and pub key installed in Moz/TB and can succesfully look > up recipients from the LDAP server, but when I click on the padlock I > get "not found" against the status column and "Not Possible" against the > "encrypted" attribute. > > I *can* manually export the recipient's key from the ldap server and > import it into the moz/tb wallet and then sucessfully send encrypted > mail to the recipient so it looks like the cert is reasonably ok. It > seems that I *should* be able to drag the cert at runtime out of the > directory though.
Netscape and mozilla browsers/mailers require that the recipient's encryption cert be in the local cert DB.
Communicator 4.x had the ability to pull certs from a directory server and import them into the local cert DB. It was a feature in the cert DB UI. But AFAIK, that feature has never been added to mozilla.
Seems like a good feature request. The problem is that, at present, it appears there are zero people working on PSM, the crypto UI component of mozilla. mozilla needs people to work on it more than it needs people to test it, IMO.
> I've looked through the specs, the groups - everything except the > sourcecode which I'm hoping will be a last resort. > > So - am I expecting too much, are Moz/TB acting as designed?
I think the answer is that you are looking for a feature that is not, AFAIK, one of the official features of mozilla.
> If not, what specific attribute may be missing from the cert's DN etc.?
Above, you said that when you import the cert manually, you are able to send encrypted email. That tells me that the cert is fine - adequate for encrypted email purposes with mozilla. The problem is merely that until the cert gets imported into mozilla's cert DB, mozilla can't use it.
> (versions: tried on moz1.6 & moz1.7 and TB 0.6). > > tia, > Richard
-- Nelson B _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
