-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ***^\ ."_)~~ ~( __ _"o Was another beautiful day, Fri, 29 Apr 2005, @ @ at 14:19:53 +0200, when Stephane Bouvard [ML] wrote:
> In Belgium, we have now an electronic identity card... this card > include a certificate allowing us to digitaly sign a document/email... > The problem is : this certificate is used to authenticate our name, > not a "temporary" or a specific email address... it means that this > certificate does not mention any email address... > Consequence, when i try to sign a mail with The Bat! Pro, it tell > me that there isn't any certificate for my email address (i think that > The Bat only try to find a certificate with my email address, and > refuse to use a certificate not mentionning it )... but i do not find > how i can ask it to use my "address-less" certificate... > With Microsoft Outlook, i need to manualy change a registry key to > allow it : > HKLM\SOFTWARE\Microsoft\11.0\Outlook\Security\SupressNameChecks > Is it possible with The Bat ! ? Or did i need to forget TB and use Outlook ? Hmm...that's problem with The Bat (btw, you can't change anything in this regard in TB's registry entry), and as I know it's not solved in any way. You might cheat though TB by associating a fake/"blank" address to your nick/name (like giving the address in a form -- literally -- [EMAIL PROTECTED] ), but again it will be, via TB, associated only with the corresponding account, which hence must be tied to the fake address, and a fake address you cannot use for any correspondency. There are some other limitations as to PGP keys used in TB, for instance, when you want to sign a message, you'll be offered *only* those keys with the address corresponding to the actual account (while in some earlier versions you could freely use *any* key with any address associated). Etc. There are some other...peculiarities too, but let's them put aside in the moment, it's already pretty messy situation with some *really* important and essential features, being consistently neglected, in the strange favour of definitely nonessential ones. A bearable "workaround" would be perhaps that authors get these, actually nonsensical, and absolutely unnecessary, limitations -- "unblocked", allowing this way the user to choose *any* PGP key/certificate s/he wants to use (with or without address!), since TB does not have and "rights" actually to "think" and "decide" instead the user which key will be used and in a what way: it is entirely and strictly the matter of the user him/herself, and of the external program (PGP/GPG/etc) s/he uses, in the way s/he wants to use it. TB is here just an "intermediary" and shouldn't in any way interfere with something it's not allowed or even appropriate to interfere with. That is, I should be able, for instance, to sign a message with key 1, then to encrypt it with a key 2 and to send it using account with address corresponding to a key 3. (-: That's my *right* to do with my keys what *I* want and what *I* find appropriate. Not what some "software" tells me what is "good" "for me". It is nonsensical. (-: These "associations" of keys/certificates with accounts/addresses etc. should be dismissed. So, when a User wants to sign/encrypt a message, then *all* keys/certificates on disposal should be offered, in *any* account. Isn't that obvious? (-: - -- Mica PGP keys nestled at: http://bardo.port5.com/pgpkeys/ [Earth LOG: 240 day(s) since v3.0 unleashing] OSs: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium with nestled ZipSlack(tm) 9.1, and, for TB sometimes, Gentoo and Vector via Wine... ~~~ For PM please use my full address as it is *exactly* given in my "From|Reply To" field(s). ~~~ -----BEGIN PGP SIGNATURE----- iD8DBQFCcjwN9q62QPd3XuIRAqs1AJ0Va4v0RcDHNiPo251pj5q74zJizgCaAh7N 2AscOA7sqtCCMP2z4emm020= =gLzj -----END PGP SIGNATURE----- ________________________________________________ Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
