Re: [Fed-Talk] CAC Patch 1.2 help requested
Re: [Fed-Talk] CAC Patch 1.2 help requested
- Subject: Re: [Fed-Talk] CAC Patch 1.2 help requested
- From: "Timothy J. Miller" <email@hidden>
- Date: Fri, 10 Oct 2008 07:43:49 -0500
Gregory Adair wrote:
Glad you mentioned this, because I haven't seen it mentioned anywhere
else. Several of us here at my command, are unable to encrypt messages
using our pki certs The problem is occurring on machines from 10.5.2
up to those running 10.5.5 with the 1.2 patch installed, and others in
between. We are all able to digitally sign, send, and receive messages,
but like Ben stated, the padlock is greyed out and unusable. Has anyone
else had this problem? Maybe it's just us or maybe not many folks have
been encrypting messages to see problem because I haven't seen a lot of
chatter on this list about it. All, please take a look and give it a
try. I see this as a pretty big thing that needs fixing. Thank you.
First, you need the *recipient's* certificates in your keychain to send
encrypted email.
Second, the email address in each recipient's certificate must match the
email address in the To:/CC:/BCC: line. In addition, the case must
match for the username portion (i.e., email@hidden does not match
email@hidden, but email@hidden *does* match email@hidden). The reason for
this is buried deep in RFC2822. It's annoying, but technically is
correct behavior.
Third, *you* are always an unstated recipient of every mail you send, so
the second point applies to your own email address and certificate as well.
-- Tim
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden