There is a big security bug in TB related to handling of S/MIME certificates. 
TB deletes or damages S/MIME capabilities data of the certificate, especially 
data of the recipient's S/MIME capabilities. Consequence: if you import a 
certificate sent by TB with MS Outlook, Outlook (and most probably other mail 
clients) does not know which encryption algorithm to use and will use the 
lowest possible (RC2 40 bits). A 40-bit encryption is far from secure. It is 
currently impossible to distribute certificates using TB to Outlook recipients 
because TB damages the certificates. Can anyone confirm this?


________________________________________________________
 Current beta is 5.2.1.1 | 'Using TBBETA' information:
http://www.silverstones.com/thebat/TBUDLInfo.html
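
Added example, not part of the original post and not code from TB or Outlook: one way to check whether DER-encoded certificate data still carries the smimeCapabilities entry (OID 1.2.840.113549.1.9.15) and which algorithms it lists. The function names and both hex samples are constructed for illustration.

```python
SMIME_CAPS = "1.2.840.113549.1.9.15"  # smimeCapabilities attribute/extension OID
NAMES = {"1.2.840.113549.3.2": "RC2-CBC", "1.2.840.113549.3.7": "3DES-CBC",
         "2.16.840.1.101.3.4.1.42": "AES-256-CBC"}

def tlvs(buf):
    """Yield (tag, value) for each DER element in buf (single-byte tags only)."""
    i = 0
    while i < len(buf):
        tag, n = buf[i], buf[i + 1]
        i += 2
        if n & 0x80:  # long-form length: low 7 bits give the number of length bytes
            k = n & 0x7F
            n, i = int.from_bytes(buf[i:i + k], "big"), i + k
        yield tag, buf[i:i + n]
        i += n

def oid(content):
    """Decode OBJECT IDENTIFIER content bytes to dotted notation."""
    arcs, acc = [], 0
    for b in content:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear ends one arc
            arcs, acc = arcs + [acc], 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def capabilities(der):
    """Return [(algorithm, key_bits_or_None), ...], or None if the data is absent."""
    for tag, val in tlvs(der):
        kids = list(tlvs(val)) if tag & 0x20 else []  # only constructed types nest
        if kids and kids[0][0] == 0x06 and oid(kids[0][1]) == SMIME_CAPS:
            # Last child (SET or OCTET STRING) wraps SEQUENCE OF SMIMECapability.
            ((_, seq_of),) = tlvs(kids[-1][1])
            caps = []
            for _, cap in tlvs(seq_of):
                parts = list(tlvs(cap))
                name = oid(parts[0][1])
                is_int = len(parts) > 1 and parts[1][0] == 0x02  # RC2: key bits
                bits = int.from_bytes(parts[1][1], "big") if is_int else None
                caps.append((NAMES.get(name, name), bits))
            return caps
        found = capabilities(val) if kids else None
        if found is not None:
            return found
    return None

# Constructed sample extensions (not taken from any real certificate).
WITH_CAPS = bytes.fromhex("303706092a864886f70d01090f042a3028300b060960864801650304012a"
                          "300a06082a864886f70d0307300d06082a864886f70d0302020128")
KEYUSAGE_ONLY = bytes.fromhex("300b0603551d0f0404030205a0")
```

Running `capabilities()` on the certificate as exported by the sender and again on the copy the recipient received shows whether the capabilities data survived; a `None` result on the received copy means the recipient's client has no algorithm preference to go on.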
