[Users] SMIME - Validity Discrepancies.
ENI
info at endeavor-networks.com
Tue Sep 16 20:00:30 CEST 2014
Using X.509 certificates that we have issued from our own PKI. Have
not implemented a CRL for this trial.
At both sending and receiving ends:
- CRL checking is disabled in GPA Backend Preferences.
- Root CA and Intermediate CA certs have been imported, and cert chains
are fine.
- Sending and receiving of signed and encrypted messages works.
Gnu Privacy Assistant | Key Manager | "Upper Pane" | Validity column
indicates:
"Fully Valid" for the Root CA.
"Unknown" for the Intermediate CA that signed the user certs.
"Unknown" for the user keys.
Gnu Privacy Assistant | Key Manager | "Lower Pane" | Key Validity
indicates:
"Fully Valid" for the Root CA.
"Fully Valid" for the Intermediate CA.
"Fully Valid" for the user keys
Q1 - Why the discrepancy (Unknown vs. Fully Valid, upper pane vs.
lower pane)?
Receiver sees the Signature OK icon, and the statement "Good signature
from <sender name>".
If the receiver clicks on the Signature OK icon, the message pane
conveys:
Good signature from
uid "CN=<redacted>" (Validity: Unknown)
uid "<redacted>" (Validity: Unknown)
Q2 - Why the discrepancy (Signature OK vs. Validity:Unknown)?
Regards,
ENI
More information about the Users
mailing list