Jim Spring wrote:
I am seeing mixed messages when I search google on this one. I haven't
had a chance to delve into the code yet. But, is Thunderbird capable of
retrieving SMIME certificates from an LDAP repository? If so, are there
any decent how-tos on this? I suspect, if it does work, it is a matter
of getting Thunderbird set up with SMIME and looking for a
userCertificate item in an LDAP entry for a given person.
Thoughts / pointers? I'm just trying to do some homework before diving
in and trying it.
Thanks
-jim
Yes it works fine. I have mine setup to use a local ldap directory for
our company's certs. It's quite easy, just set up the ldap directory as
you would to use it for an address book. When you compose an email it
will attempt to snag the certificate either right before you hit send or
if you click on "Security" which causes the box to pop up showing your
sign/encrypt intentions and the status of certificates for all of the
recipients. The one gotcha I ran into is that Thunderbird must trust
the certificate that comes out of of the directory. Trusting the CA
that issued it is enough to accomplish that. If it successfully grabs a
cert it will then keep it locally in your softtoken.
Dave
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
