Anders Rundgren wrote:
Ian G wrote:
Michael Ströder wrote:
If the private key is no longer available, yes, encrypted data
technically cannot be decrypted anymore.

Note the decision here to store the email in private-key encrypted form,
instead of (for example) cleartext or re-encrypting it with the master
password.

Yes, this is one of the weird things with S/MIME. You really
wanted to encrypt the message during *transport* but as a "bonus"
got it encrypted for *storage* as well.

Personally I also prefer the MUA to do the latter. As practice has shown, I
have been able to keep my key history for 10 years now without any hassle (in my
Linux home directory).

There are S/MIME-enabled MUAs which implement local storage differently
though.

That's what I mean by "fundamentally broken architecture".

Sorry, but this whole S/MIME bashing discussion leads me to think that
the main "fundamentally broken" thing regarding S/MIME is the lack of
practice of some of its critics.

Ciao, Michael.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto