[Users] SMIME - Validity Discrepancies.

ENI info at endeavor-networks.com
Tue Sep 16 20:00:30 CEST 2014


Using X.509 certificates that we have issued from our own PKI.  Have
not implemented a CRL for this trial. 

At both sending and receiving ends:

- CRL checking is disabled in GPA Backend Preferences.
- Root CA and Intermediate CA certs have been imported, and cert chains
are fine.
- Sending and receiving of signed and encrypted messages works.

Gnu Privacy Assistant | Key Manager | "Upper Pane" | Validity column
indicates:

"Fully Valid" for the Root CA.
"Unknown" for the Intermediate CA that signed the user certs.
"Unknown" for the user keys.

Gnu Privacy Assistant | Key Manager | "Lower Pane" | Key Validity
indicates:

"Fully Valid" for the Root CA.
"Fully Valid" for the Intermediate CA.
"Fully Valid" for the user keys

Q1 - Why the discrepancy (Unknown vs. Fully Valid, upper pane vs.
lower pane)?


Receiver sees the Signature OK icon, and the statement "Good signature
from <sender name>".

If the receiver clicks on the Signature OK icon, the message pane
conveys:

Good signature from 
uid "CN=<redacted>" (Validity: Unknown)
uid "<redacted>" (Validity: Unknown)

Q2 - Why the discrepancy (Signature OK vs. Validity:Unknown)?

Regards,
ENI



More information about the Users mailing list