[MlMt] S/MIME Encryption

Benny Kjær Nielsen mailinglist at freron.com
Thu Feb 16 05:29:19 EST 2017 

On 13 Feb 2017, at 11:27, Robert M. Münch wrote:

> Hi, I received an encrypted S/MIME message which was successfully 
> decrypted. At least that's what MM shows.
>
> 1. I'm wondering how this works as I can't remember to send my S/MIME 
> certificate. Is there something like a key-server for S/MIME as well?

No, but when you sign a message then the recipient gains the ability to 
encrypt messages to you if they add your certificate to the keychain. I 
think this happens automatically in Apple Mail. In MailMate you have to 
explicitly add it to the keychain.

> 2. Answering the email with encryption & signing doesn't work. I get: 
> "Failed to find valid certificate to encrypt for xyz.xyz at abc.com. The 
> specified item could not be found in the keychain. Error code: -25300" 
> (Note: This text is shown twice). But I can see the certificate for 
> the recipient in one of my keychains.

The error code means that it couldn't find a valid certificate. Have you 
checked that it's not expired or otherwise not trusted (view it in 
Keychain Access)?

For debugging, you can send me the certificate off list and I can try 
creating a message myself.

> 3. When trying to send the email I need to enter the password for a 
> signing certificate I own. This is the first keychain in the keychain 
> app. But this certificate is not for encryption. Could it be that MM 
> just access the first keychain and doesn't search through all of them?

MailMate doesn't specify a specific keychain when doing certificate 
searches, but I think the system library looks in the login keychain 
first. When signing then MailMate only looks for certificates which can 
be used for signing. If you need to then you can force an explicit 
binding between an email address and a certificate using a [hidden 
preference](https://manual.mailmate-app.com/hidden_preferences#security).

S/MIME and OpenPGP users should update to the latest test release 
(r5346). I've made several changes which I would like to have tested 
including an important bug fix for S/MIME (which I would like to release 
soon).

-- 
Benny
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freron.com/pipermail/mailmate/attachments/20170216/2ff9e64e/attachment.html>

More information about the mailmate mailing list