a new free smime service, but...
Steffen Nurpmeso
steffen at sdaoden.eu
Fri Oct 25 20:02:40 CEST 2019
Robert J. Hansen wrote in <7e1208e4-aa1b-2e4c-3b3b-b74901456101 at sixdemon\
bag.org>:
|> Why doesn't Let's Encrypt offer this service?
|
|Because it's outside the scope of what Let's Encrypt exists to do, which
|is make it easy to provide HTTPS support to small websites.
|
|SMTP is *totally* outside of Let's Encrypt's mission. If you've got a
|problem with that, take it up with Let's Encrypt. They're pretty
|responsive on Twitter at https://twitter.com/letsencrypt.
If i recall correctly Melnikov made a draft how the ACME stuff
could be extended to S/MIME, but it never left draft state. I do
not listen to the according IETF working groups, ... Wait, it is
still an active draft, version 6, last updated this year July: [1]
Unfortunately it wants DKIM/SPF/DMARC and a single MIME message
body, which counteracts my desire to vanquish that in favour of
a nice CMS thing that puts list addresses in From:, or so. Sigh.
[1] https://tools.ietf.org/html/draft-ietf-acme-email-smime-05
|> Why isn't CAcert after years of participation listed as trusted CA \
|> in root
|> stores?
|
|Because CACert hasn't been able to comply with Mozilla's Root Store
|Policy. Chrome has its own root store policy, as does Internet
|Explorer. CACert hasn't been able to dot the is and cross the ts for
|any of them, AFAIK.
|
|https://www.mozilla.org/en-US/about/governance/policies/security-group/c\
|erts/policy/
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
More information about the Gnupg-users
mailing list