Zitat von Martijn Brinkers <[email protected]>:
On 01/-10/-28163 08:59 PM, [email protected] wrote:Zitat von Martijn Brinkers <[email protected]>:On 01/-10/-28163 08:59 PM, [email protected] wrote:Zitat von Martijn Brinkers <[email protected]>:Hi, A new Djigzo Gateway release candidate (2.1.1) is available. http://www.djigzo.com/beta.html Release notes: Improvements * If a certificate was available for a recipient, a user object was always created for that recipient. The user is no longer added by default.What is the reasoning behind this one? I found it handsome to which addresses where handled by S/MIME and which not by consulting the user list.My thinking was that you only need to add a user when you need to override an inherited setting. Adding an external user when a certificate is available for the user resulted in a lot of pointless users when using domain to domain encryption since a certificate is available for every sender. I can however see your point in that it helps you to see for which external users a certificate is available. The old behavior can be reenabled by replacing RecipientHasCertificates=matchOnError=false,false with RecipientHasCertificates=matchOnError=false,true but this requires you to change the config.xml file. I guess you want it to be configurable from the GUI? ;)It isn't that important to clutter the GUI with just another setting i guess, it just was "handsome" to quickly alter problematic receivers because the user already exists. Would it be possible to not auto create users for domains the domain-to-domain encryption is configured or something like "auto-create-user-strict-mode" so only users are auto created when exactly matching certificates are involved?Detecting whether the recipient is using domain to domain encryption is possible but a lot more work than using a setting and slower since instead of just retrieving the list of all certs, a check should be done to see whether the cert was a domain cert or not. It's doable but if I have to choose between an extra advanced setting or checking for domain certs etc. I prefer the extra setting.
In this case the extra setting is the better way to go of course.
Yesterday there was a question about syncing with LDAP and getting a list of users that are using S/MIME encryption so I guess you are not the only one that likes that feature so I guess it's better to allow the admin to decide whether to automatically add a user or not.It isn't that important to clutter the GUI with just another setting..I moved some settings (the mobile settings) to a specialized page. This Perhaps I can move certain properties to a specialized page?
Maybe it's time to group the S/MIME special settings like "strict-mode", "skip-invites" and the like on one page...
Regards Andreas
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
