Re: [Evolution] Automatically fetching public key for encrypted mail does not work
On Tue, 2016-03-01 at 10:03 +0100, Milan Crha wrote: > > there was a Google Summer of Code project providing fetch of X.509 > certificates (for S/MIME, which MS Exchange supports) from address > books. It took the certificates from Global Address List (GAL), as > advertised by the MS Exchange server. It's filled here: > for LDAP: https://bugzilla.gnome.org/show_bug.cgi?id=203251 > for address books in general: > https://bugzilla.gnome.org/show_bug.cgi?id=704246 > > The work is currently blocked on NSS. Feel free to join the later bug, > the reporter has better overview of the subject. Actually the interesting bug is #736808. Specifically: https://bugzilla.gnome.org/show_bug.cgi?id=736808#c2 The "making the certs available" part is solved by evolution-pkcs11. Although that does want a little updating to make it build against the latest Evolution. As Milan says, the reason it's not merged into Evolution (or EDS) and enabled by *default* is because of NSS. The NSS PK11_ListCerts() function takes O(n²) time, because it iterates over the certs, for each one calling back into a naïve 'collector' function that checks it's unique and adds it to the list. In my case it takes about ten minutes to process all the certs that evolution-pkcs11 makes available. When you bring up the prefs dialog (not even looking at certs), Evolution calls that PK11_ListCerts() function. Three times, in quick succession. From the main thread, before it does any redrawing or anything else. 30 minutes later, you can finally see the prefs dialog :) So... in comment #2 of the bug, as referenced above, it says what I think needs doing — populate the dialog asynchronously instead of making us wait, and instead of using PK11_ListCerts we use our *own* code to iterate over the certs in the token, calling back to our own *non-stupid* callback function which quickly inserts each one into a GHashTable or something like that, instead of a linear list. In the longer term, I'd love to just ditch NSS completely and use something saner. But this should suffice for now to enable the GAL certificate lookup. -- David WoodhouseOpen Source Technology Centre david.woodho...@intel.com Intel Corporation smime.p7s Description: S/MIME cryptographic signature ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
Thanks tons Milan :-) I know David W. I'll contact him. Thanks again! On 01/03/16 10:03, Milan Crha wrote: better overview of ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
On Mon, 2016-02-29 at 22:58 +0100, Niklas Andersson wrote: > Hi, > > We are evaluating Evolution as a corporate email client and it > looks > really good. We are in particular very pleased with the integration > with > MS Exchange. > > One thing we didn't got to work though was automatically download > of > the senders public key from the directory in case the email was send > encrypted. > > Does anybody know if this feature is supposed to work? Is it on > the > todo-list if not? Can we pay someone to get it implemented if not? Hi, there was a Google Summer of Code project providing fetch of X.509 certificates (for S/MIME, which MS Exchange supports) from address books. It took the certificates from Global Address List (GAL), as advertised by the MS Exchange server. It's filled here: for LDAP: https://bugzilla.gnome.org/show_bug.cgi?id=203251 for address books in general: https://bugzilla.gnome.org/show_bug.cgi?id=704246 The work is currently blocked on NSS. Feel free to join the later bug, the reporter has better overview of the subject. Bye, Milan ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
...and we are testing with Evolution 3.18.5 On 01/03/16 09:15, Niklas Andersson wrote: Hi, No, we would need to fetch the keys from a LDAP-directory Assumed it's Linux, did you already try https://wiki.gnome.org/Apps/Evolution/FAQ#How_can_import_GPG_keys_automatically_from_within_Evolution.3F ? ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
Hi, No, we would need to fetch the keys from a LDAP-directory Assumed it's Linux, did you already try https://wiki.gnome.org/Apps/Evolution/FAQ#How_can_import_GPG_keys_automatically_from_within_Evolution.3F ? ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
On Mon, 29 Feb 2016 22:58:22 +0100, Niklas Andersson wrote: >One thing we didn't got to work though was automatically download of >the senders public key from the directory in case the email was send >encrypted. Assumed it's Linux, did you already try https://wiki.gnome.org/Apps/Evolution/FAQ#How_can_import_GPG_keys_automatically_from_within_Evolution.3F ? ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
Re: [Evolution] Automatically fetching public key for encrypted mail does not work
On Mon, 2016-02-29 at 22:58 +0100, Niklas Andersson wrote: > Hi, > > We are evaluating Evolution as a corporate email client and it > looks > really good. We are in particular very pleased with the integration > with > MS Exchange. Getting really tired of saying this, but please state which version of Evolution you are using (Help->About). poc ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
[Evolution] Automatically fetching public key for encrypted mail does not work
Hi, We are evaluating Evolution as a corporate email client and it looks really good. We are in particular very pleased with the integration with MS Exchange. One thing we didn't got to work though was automatically download of the senders public key from the directory in case the email was send encrypted. Does anybody know if this feature is supposed to work? Is it on the todo-list if not? Can we pay someone to get it implemented if not? Any input would be most valuable. Thanks and best regards, Niklas Andersson ___ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
