Re: [Fed-Talk] Unable to verify message signature
Re: [Fed-Talk] Unable to verify message signature
- Subject: Re: [Fed-Talk] Unable to verify message signature
- From: "Timothy J. Miller" <email@hidden>
- Date: Tue, 4 Dec 2007 13:39:15 -0600
Another thing to remember is securityd-reliant applications only load
PKI trust *once* at launch. So if you fix a PKI trust problem you
need to quit the app completely to see the effect. Even Keychain
Access has this problem. Allegedly fixed in Leopard.
-- Tim
On Dec 3, 2007, at 6:58 PM, Richard Sperling wrote:
Thanks, Tim.
But the email address in the message from Rich Trouton that the
list received on November 29 matches the case of the rfc822Name in
his certificate. Interesting. I just checked that message again and
now Mail recognizes the digital signature. I think that may be
because I turned off my iMac this morning before I left for work.
Maybe the shutdown and restart got everything in sync. I'm still
not convinced, so I'll monitor the situation.
Richard
On Dec 3, 2007, at 4:26 PM, Timothy J. Miller wrote:
On Dec 2, 2007, at 3:34 PM, Richard Sperling wrote:
1. The sender’s certificate may have expired.
2. You don’t have a root certificate for the authority used to
sign the sender’s message.
3. The message was modified in transit.
4. You are missing one or both of the X509Anchors or
X509Certificates files from /System/Library/Keychains.
5. The sender's email address does not match the rfc822Name (or
subject DN email component) in the signing certificate.
I do not have problems with digital signatures in Thunderbird.
Note that Mail.app requires that the *local-part* (left side of
the '@') be a *case sensitive* match. This is a strict
interpretation of the RFC that no other mail user agent enforces.
-- Tim
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden