[MlMt] Multiple S/MIME Certificates

[Scott Blystone]

All (and Benny),

Yes, I DO have multiple S/MIME certificates for the same address as 
there are some valid reasons for that. As my signature says, I am a 
CAcert Assurer. That organization issues Class 3 certificates where your 
identity is very carefully validated through face-to-face inspection of 
identity documents my multiple Assurers. Unfortunately, though, the 
organization's root certificates are not yet automatically included in 
any operating systems or browsers. Their certificates must be manually 
installed and marked as trusted before certificates issued by the CA 
will be recognized as trusted. Because of this, their use is currently 
limited to more technical and other security-minded individuals.

StartSSL's root certificates ARE, however, included with all operating 
systems and browsers, making them much more useful when communicating 
with less technical individuals. Unfortunately, though, the organization 
only indirectly vets a person's identity and only offers Class 2 
certificates. While these certificate are just as useful for signing and 
encrypting messages, the recipient of the message cannot have the same 
confidence in your own identity as when using CAcert certificates.

I have also created my own CA and issue very limited certificates on it 
using OpenSSL. I use these such certificates only when communicating 
with certain very specific individuals.

Ideally, I would like to see  MailMate have a combo box for both S/MIME 
and OpenPGP whereby the sender could select any certificate desired. 
While one might think that only a very few MaleMate users might have 
need of it, yet I think that it would be both a useful feature to 
advertise and that it fits in very well with the type of user that Benny 
has been targeting since the first versions of MailMate.

-- 
Scott Blystone
Rochester, NY, US

CAcert Assurer (see http://www.cacert.org)
StartSSL Notary (see http://www.startssl.org)

Note: This address also works for instant messaging.