| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040318193606.GB10559@SDF.LONESTAR.ORG> From: petard at freeshell.org (petard) Subject: Re: Microsoft Security, baby steps ?[Scanned] Hi Paul, Not that I'd ever discourage s/mime from anyone, but *please* clear-sign messages to public mailing lists. Opaque-signed mails are very difficult for some folks to read. Actually, I usually encourage folks to clear-sign all the time. Is there any reason you're not? For the rest of the world, if your mail client does not properly verify opaque-signed messages and you can't read that one, just save the message off to a file (say message.eml) and do the following: 1. Go download verisign's "Class 2 Primary CA" certificate, serial number 00 b9 2f 60 cc 88 9f a1 7a 46 09 b8 5b 70 6c 8a af; save it as a PEM file (say ca.cer). 2. Using openssl's shell tool, issue the command openssl smime -verify -CAFile ca.cer -in message.eml This will print the contents and verify the signature. Alternatively, if you don't want to verify the validity of Paul's cert according to Verisign, skip step 1 and change the command from step 2 to: openssl smime -verify -noverify -in message.eml That will verify the crypto without checking the validity of the certificate. regards, petard -- If your message really might be confidential, download my PGP key here: http://petard.freeshell.org/petard.asc and encrypt it. Otherwise, save bandwidth and lose the disclaimer.
Powered by blists - more mailing lists