Re: [Fed-Talk] Root Cert on MacBookPro Question
Re: [Fed-Talk] Root Cert on MacBookPro Question
- Subject: Re: [Fed-Talk] Root Cert on MacBookPro Question
- From: Peter Link <email@hidden>
- Date: Mon, 28 Dec 2009 09:17:35 -0800
Tim,
It's funny you should reply to this email thread since your email
comes across with an untrusted rootCA. I checked through my 10.5
keychain and mitre.org is not listed in the System Roots and the
mitre.org root certs I've received from you and others show an
untrusted insurer. I don't receive the digest.
As far as David's comment about not being able to send a return
encrypted email, that doesn't surprise me since our DOE Entrust
certificates are split so the recipient doesn't necessarily (always)
get the encipherment certificate with every signed email. Does this
mean PKI isn't ready for combat, it just means some organizations
implemented some weird configurations awhile ago and haven't fixed
them. Change, especially in the government, is next to impossible.
On Dec 28, 2009, at 9:07 AM, Timothy J. Miller wrote:
David Emery wrote:
Well, I have tried to move to Mail.app from Thunderbird, and I'm
still having major certificate problems. People send me signed
messages; their certs come across as invalid, I try to trust them,
but can't reply encrypted.
This is most likely the result of mis-match between the email
address in the cert and the email address in the From:/To: line.
Mail.app requires exact match, including case-sensitive match for
the part to the left of the @ sign.
Anyone who thinks this PKI <stuff> is ready for combat should be
sent to Afghanistan with a "PKI-enabled" rifle!!!
PKI has been in active use in theater for about 5 years now.
-- Tim
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Peter Link
Cyber Security Analyst
Cyber Security Program
Lawrence Livermore National Laboratory
PO Box 808, L-315
Livermore, CA 94550
email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden