On 01/-10/-28163 08:59 PM, [email protected] wrote: >> I really appreciate your help and input. Have you also tried to see how >> they handle the case where you add an extra recipient. So, you have an >> encrypted message for user [email protected], now you also add as an >> extra recipient [email protected] (to the message envelope and header). >> Is the message then decrypted for user [email protected] and for user >> [email protected] it's still encrypted? > > What does a normal Mailclient do in this case? As far as i know > Outlook/Thunderbird refuses to send a encrypted mail if there is no > matching (mailadress) certificate for one of the recipients and split > the mail so every copy is encrypted with the certificate which matches > the recipient. > So the case to have a (internal) recipient with no private key on the > gateway but encrypted mail (with some other certificate from the > gateway) should not happen beside the case "domain-encryption".
There are exceptions to the rule (as always :) but in most cases this is true. An exception is when the sender manually selected a certificate for a recipient with a non-matching email address. This can happen in practice when a recipient has multiple aliases (and is using a gateway). > > So i would vote for a switch to allow either domain-encryption or > secure-mode with matching recipient address and private-key. This option would imply that a message need to be decrypted multiple times, once for each recipient, so it may impact the speed a bit. I will put this option on the development agenda. -- Djigzo open source email encryption
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
smime.p7s
Description: S/MIME Cryptographic Signature
