----- Original Message -----
From: "Daniel Senie" <[EMAIL PROTECTED]>
To: "Alan W. Rateliff, II" <[EMAIL PROTECTED]>
Sent: Monday, October 06, 2003 9:20 AM
Subject: Re: Fw: Chained certs
> Normally it's the responsibility of the client to obtain the certs. After
> all, the client needs to verify them. It sounds like you're using a root
> cert that Eudora doesn't know about (which is most). The Eudora folks have
> been made aware of the need to get more certs in their distribution, and
> the GeoTrust folks, at least, have said they intend to get themselves set
> up with more mail clients.
Supposedly, ALL of the certs in my chain are supposed to be part of a number
of operating systems... so, who knows...
> This is really a Eudora problem, not a qpopper problem.
It winds up being a problem with all mail clients. I've tested with Outlook
Express, Outlook, Netscape, Eudora, and Pegasus. While it doesn't seem to
be TECHNICALLY a problem with QPopper, Sendmail and Apache BOTH present the
necessary certs for clients to properly process the chain.
> You can extract the root cert from the CA you're using, and make that
> available for import for your users.
I was hoping to avoid that. Had I known it would be this much of a problem,
I would have saved the $50 and just created self-signed certificates.
In any case, I think this is my breaking point for leaving QPopper in favor
of the WU ipop3d daemon. I've been very pleased with my QPopper
installations, but if ipop3d will handle chained certs better, then that's
where I need to go.
Thanks for the input.
--
Alan W. Rateliff, II : RATELIFF.NET
Independent Technology Consultant : [EMAIL PROTECTED]
(Office) 850/350-0260 : (Mobile) 850/559-0100
-------------------------------------------------------------
[System Administration][IT Consulting][Computer Sales/Repair]
