Zitat von Bernhard Heinzle <[email protected]>:
Am 12.01.2011 16:02, schrieb [email protected]:The standard mail clients i'm aware of don't display headers at all so not sure what you are trying to achieve...of course you are right, but i'm thinking about if it makes sense to make this information (wether the email was encrypted and/or signed) accessible for end-users in a way they can unterstand it, for instance by extending the web mail software. same as a possible thunderbird-addon, which was discussed some time ago in this mailing list (http://lists.djigzo.com/pipermail/users/2010-July/000335.html)
With this in mind it would be useful, yes.
You must delete the users certificate/key after export in Djigzo. The "user" is only a container for user specific settings and created on-the-fly with defaults if not available. As long as Djigzo finds a matching private key it does its work and decrypt the message.as i was not quite sure anymore if i deleted the certificate/key or not i tested it once again. djigzo decrypts the message even after deleting the certificate/key. even after rebooting the gateway.
Huhh? This would be magic, because without private key you can and should never be able to decrypt a message. Do you maybe have more than one key for the user (=address) in question or using the same private key in different certificates?
BTW: I have seen you are using the built in CA. In most cases it is more useful to get some cheap "well-known" certificates like from www.startssl.com instead, so you don't suffer the pain to distribute your root CA certificate. The builtin CA is useful if you like to create a "island-of-trust" or a S/MIME site-to-site VPN.
Regards Andreas
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
