Timur,
Nice to see you in this neck of the woods !
Timur Tabi wrote:
I know little about cryptography and how the S/MIME stuff works, so bear with me as I use simplified descriptions. I have a few public keys that I picked up from friends who sent me signed emails. With these keys, I can send them encrypted email. I also have a public and private key that I got from Thawte, that allows me to send signed emails and read encrypted emails sent to me. I'm running Mozilla 1.8 on OS X.
One clarification first : Mozilla does not store public keys by themselves. It stores your correspondents' x.509 certificates, which among other things contain both their public key and their identity bound together (e-mail address).
I'm moving my stuff to another computer running OS X. I want to transfer all of these public and private keys to that computer, so that everything works as it does here. What's the easiest way to do that?
For your personal certificates and private keys, you can back them up to a PKCS#12 file . The easiest way to do this in Mozilla is to use edit / preferences / privacy & security / manage certificates / backup all .
Then, in the same menu on the other machine, you can import this file to restore your cert and keys.
Currently, there isn't a good way within mozilla to backup & export your recipients' certificates . A standard format exists, called PKCS#7, which can be imported, but there is no backup function for the public certs (ie. other people's certs) in Mozilla .
One way to restore your friends certificates if you use an IMAP server is to simply re-read their signed e-mails in your Mozilla client on the new machine. Whenever you do so, Mozilla imports their certificates into the certificate database.
If you aren't using IMAP, your next best bet is to simply copy over the entire cert and key db files from your old machine to their location in the profile on the new system. This will also restore your private key, thus eliminating the requirement for the PKCS#12 import/export step.
If you are running Mozilla 1.8, the files you are looking for should be cert8.db and key3.db . However, the Mac browser developers have been known to change the default database filenames so perhaps they are something else. The actual database file format is platform-independent, so once you get them into the right filename and location, you can move your keys and certs to any machine on any OS running the same version of Mozilla.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
