[imp] Verifying smime signatures not working?

[Michael M Slusarz]

Quoting Edward Burr <egburr at burr.cc>:

> I am receiving email from a friend who uses Lotus Notes and is  
> signing his emails. After much effort, I finally figured out how to  
> extract the certificate from the smime.p7s file and import it into  
> imp (since you can't just import the smime.p7s file directly). Now I  
> am able to encrypt email to him, and imp successfully decrypts email  
> from him (getting a key and sending him my public key was simple  
> compared to importing the smime.p7s cert).
>
> However, one thing I have not been able to figure out yet: I can not  
> find any indication whether the signed email from him is valid or  
> not. The only way I know it is signed is because of the attached  
> smime.p7s file, but imp gives no hint that it has actually checked  
> whether the message and signature has been checked. For an encrypted  
> message, I figure I can safely assume it is intact, but what about  
> an unencrypted message?

S/MIME signed messages will have a border around the signed content in  
the message view with a yellow info box that says "The data in this  
part has been digitally signed via S/MIME." and will have a link to  
verify the data.

if you are not seeing this then your system either doesn't have  
support for openssl in PHP or it is disabled in the Horde/IMP  
configuration.  (FYI: your message to the list, that I am replying to,  
is S/MIME signed and I can verify the signature).

michael

___________________________________
Michael Slusarz [slusarz at horde.org]