I am seeing some behavior from Thunderbird that I cannot explain. I have a PIV card with 3 certs on it -- all of which are suppose to be meant for different things. Thunderbird correctly sees the one applicable for digital signature, and correctly sees the one for encryption. 2 things:

Whenever I select a cert it asks me if I want to use it for the complementary job as well. That's OK if the cert can do both, but in this case, these certs have exclusively different uses and I should never be prompted (The key usage is set accordingly). I guess that's just a usability issue.

The real problem is that when I tell TB to use two different certs, everything goes OK until I attempt to sign the email -- then it tells me that either no cert is configured for the job or my cert isn't trusted.

Does anyone have some insight?

Christian

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to