John R. Levine wrote:
Yes, I am a nitwit, but you knew that. This time I'll tell
Alpine to sign it with S/MIME.
....
John,
For your reposted message with Alpine, I am still not seeing any
S/MIME based certified mail indicator in Thunderbird 2.0.
What I do see is a single attachment (part 1.2) with the "Note Well"
block.
The only "stars" I see is under Thunderbird 3.0 and they are next to
the From: and To: address in the message view header display block and
that's because the addresses are in my contact list as people I have
sent mail to or added to my contact list.
From: John (star)
To: DKIM List (star)
I believe TBIRD 3.0 uses this as a "white list". I believe I saw that
as an option in 3.0 somewhere when I installed it within the last 6
months (but I don't like it - too slow for me, so I remained with
TBIRD 2.0 usage).
I do see on occasion a "Gold" Certified mail star from various people,
so I know the MUA supports it. But not with this message of yours
created with Alpine.
In any case, I think we should take a step back and critically think
about any suggestions regarding S/MIME. I think it is a bad idea to
introduce another dependency, especially if it's an out-of-scope idea.
But as a software guy, I am all about protocol consistency and I see
one approach to this. This might be a new I-D:
Using S/MIME as a DKIM verification indicator for MUAs.
When an MTA or MLS DKIM verifier successfully validates a message using
whatever means, to help "expose" this DKIM validation to the MUA, it
may consider adding S/MIME certification MIME blocks to the resigned
message.
I'm not sure what all the bindings in an S/MIME signed message are at
this moment, so this may not be workable for a LIST distribution. But
it appears that it might work and may require the automated creation
of self-asserting S/MIME certificates for DKIM resigner message stamping.
The nice thing about this is that many MUAs do support S/MIME, so
maybe an augmented DKIM idea can take advantage of that, but it should
be the MTA that does this and not depend on all original mail authors
using S/MIME to sign their mail first in their MUAs. Maybe the I-D
can include a provision for recommending an MSA for adding it - but
isn't that somewhat what DKIM is all about here?
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html