--On Saturday, March 12, 2016 10:46 AM +0100 John R Levine
Another issue is with encrypted EMail (one receives) and
having to roll one's own S/MIME keypair when the short-lived
cert expires. ...
Finally this year there is a public S/MIME CA that will resign
a certificatre rather than issuing a new one each year, but
it's taken, what, 20 years? This confirms your point and John
K's that current MUA crypto is for the most part a checklist
item, not something that most people would want to use.
CACert, which has been around for a long time and will at least
issue a new signed one with a new date without going through a
lot of complex rituals. However, they have their own set of
issues and AFAICT, have never really gotten traction either.
ietf-smtp mailing list