Mailinglist Archive: opensuse-factory (421 mails)

< Previous Next >
Re: [opensuse-factory] Kmail and SMime (Was: Need to click twice on shutdown to power-off TW)
  • From: stakanov <stakanov@xxxxxxxxxx>
  • Date: Sat, 30 Sep 2017 09:25:26 +0200
  • Message-id: <5463759.hPoRRRvFP8@roadrunner>
In data sabato 30 settembre 2017 09:06:10 CEST, Tom Hardy ha scritto:
On Saturday, 30 September 2017 00:08:32 CDT stakanov wrote:
He did an
"P.S. S/MIME testing" (as he quoted at the end of message)
When an S/MIME message arrives, you may or may not want to trust the
issuing authority (which is one of the weaknesses of s/mime vs gpg, you
need to trust an authority. But then, it is a very well known way to
encrypt in business. In this case it was commodo. Do you use kleopatra?
It may be the programm that issued the demand. And no, I do not think it
is something strange, the average user should be able to understand the
value of such a question. Maybe a better definition of which programm
opens this would be better.

I've got Kgpg running (maybe I should change that), but I thought it was
Kmail that issued the request. That's one of the problems--the issuing
program and the reason for the request isn't identified--and I feel
uncomfortable extending trust without knowing the party and dotting all the
i's. I'm just carrying that lack of trust forward to certificate
authorities. I should say I don't have knowlege of gpg usage reduced to
muscle memory, I just use it once in a while.

There is another, more common circumstance where Kmail (If it's Kmail) makes
ambiguous requests for trust, when it tries to make a secure connection
through a captive portal with a certificate. There, the answer is clearly
no.

But what is the average user to do? Just trust any party to come along
without a clue what is going on, in an attempt to make things work?

I think the dialog should at least identify who is making the request. It
could be Kmail, or it could be Firefox, or it could be NetworkManager....

I agree that the issuing programm should be clearly understandable. For the
problem itself, you may go to kmail, configuration, security (on in Kontact:
settings, kmail-configuration, security.
There check the settings for certificates in the last tag "s/mime". If you
deactivate the automatic import of certificates, you should avoid the issue.
(Although I think you know all that, in this case please have patience and
forgive me the redundancy of this answer.).



--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation