[imp] smime support in Horde 4.0

Jan Schneider jan at horde.org
Tue Jan 10 15:55:42 UTC 2012


Zitat von Nikolaos Milas <nmilas at noa.gr>:

> On 10/1/2012 3:16 μμ, Jan Schneider wrote:
>
>> This has nothing to do with Horde. All veryfication is done via OpenSSL.
>>
>
> Thanks Jan. Can you please provide the openssl verification command  
> used by Horde, because in my openssl tests I only get "Verification  
> successful" and nothing more. For example:
>
> # openssl smime -verify -in  
> 1324565422.M899551P27561.vmail.noa.gr,S=7583,W=7704:2,Sa -CAfile  
> /etc/pki/CA/certs/ca-bundle.crt
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> Content-Transfer-Encoding: quoted-printable
>
> Verification successful
>
> For the same message Horde displays: "Message verified successfully  
> but the signer's certificate could not be verified."

It's wrapped by PHP's openssl extension. See the Horde_Crypt framework  
library.

>>
>> This is not trivial, because the cert doesn't know anything about  
>> it's envelope, i.e. the e-mail message.
>
> But, wouldn't it be easy and conceptually acceptable for Horde code  
> to check whether the mail sender's address is included in the  
> Subject Alt Name Extension and display that one?
>
> Thanks,
> Nick


Jan.

-- 
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/



More information about the imp mailing list