mathew wrote:
On Mar 24, 2004, at 13:04, Doug Royer wrote:
Here are three that don't: Lotus Notes, Mozilla, and Apple Mail.
I have exchanged HUNDREDS of S/MIME messages with IBM/Lotus
developers in the last year that use Lotus notes- so perhaps you have
a buggy version?
I've been trying to interest development in investigating the Mozilla,
Notes and Apple Mail interoperability problems, but not having much
luck. I'm running the latest gold code; I don't generally touch the
beta stuff.
I have sent this message to you directly AND to the list. It would be
interesting
to see if one verifies and the other does not.
Older versions of Lotus Notes checked too many of the headers
and got validation errors. That was fixed about two years ago.
Well, I have problems with the latest gold code releases of all three
programs.
I have Bcc'd a friend at Lotus, perhaps he can send you a signed email.
I helped
him fix their S/MIME problem a couple of years ago by sending him several
signed emails so he could test Notes when he noticed a problem two
years ago.
On Mar 24, 2004, at 14:35, Jonathan Morton wrote:
Just for the record, my copy of Apple Mail (on Panther) correctly
verifies Doug's and Phillip's mails, but not mathew's. It says that
mathew's mails have been modified or tampered with. Given that
mathew's mail appears to have been *sent* from Apple Mail, I would
suggest that his problem stems from somewhere in his own setup.
Well, that's very strange. For me, Apple Mail, also running on
Panther, doesn't verify Doug's or Phillip's mails--on either of two
completely different machines. Maybe the e-mails really *have* been
tampered with by some broken e-mail MTA somewhere?
That could be, this email also being sent to you directly may tell us.
If you can, save
the entire email that fails to a file (headers and all) and send it to
me as an attachment. I can
use a stand alone tool to look at it and its signature and compare them
to what was sent.
I can send signed e-mail to myself at work and have Notes verify the
signature correctly, so I have good reason to believe my mail is
signed OK when I send it.
So again, it's pretty clear to me that this stuff just isn't reliable
enough yet.
Or something is tampering and it is so reliable it is telling you that.
Perhaps some
spam or anit-virus software is adding or changing something that breaks
the signatures?
I have been using S/MIME signed email for years and this is the first
I have heard of any problem in years.
--
Doug Royer | http://INET-Consulting.com
-------------------------------|-----------------------------
Doug(_at_)Royer(_dot_)com | Office: (208)520-4044
http://Royer.com/People/Doug | Fax: (866)594-8574
| Cell: (208)520-4044
We Do Standards - You Need Standards
smime.p7s
Description: S/MIME Cryptographic Signature