Eudora S/MIME

I am using Eudora 71. Pro and the Qualcomm S/MIME plugin. I got the
Certificate from Thawte free. I installed it with Internet Explorer so
now it is in the Certificate store for the operating system I am
running, Win2K/SP4.

The Certificate works when I sign a message. But when I try to send
myself an encrypted message to myself, Eudora says that it cannot find
a Certificate for the recipient. Yet "myself" is the email address I
used to create the Certificate in the first place. It is the login
name for my account at Thawte.

I then use the Certificate Manager in Internet Options in Control
Panel and it says that the "Friendly Name" is <none>. Why doesn't the
Certificate identify the address for myself?

Is there a better way to get a free Certificate? I thought Microsoft
issued free Certificates.


--

"An honest man, armed with all the knowledge available to us now,
could only state that in some sense, the origin of life appears
at the moment to be almost a miracle, so many are the conditions
which would have to have been satisfied to get it going."
-Sir Francis Crick

"The odds that a universe such as ours could have emerged
from a singularity are of the magnitude of 10^10^123)."
--Roger Penrose

On Sun, 25 Mar 2007 07:58:43 -0500, Citizen Bob wrote:

> I am using Eudora 7.1 Pro and the Qualcomm S/MIME plugin.
> I got the Certificate from Thawte free. I installed it
> with Internet Explorer so now it is in the Certificate store
> for the operating system I am running, Win2K/SP4.

> I then use the Certificate Manager
> in Internet Options in Control Panel
> and it says that the "Friendly Name" is <none>.
> Why doesn't the Certificate identify the address for myself?

Select a certificate, click "View" then "Details"
(this is what's actually *in* the CA-issued certificate);
now click "Edit properties" -- you can label it
with any "Friendly name" you wish.

> The Certificate works when I sign a message. But when I try to send
> myself an encrypted message to myself, Eudora says that it cannot find
> a Certificate for the recipient. Yet "myself" is the email address
> I used to create the Certificate in the first place.
> It is the login name for my account at Thawte.

And also where you are picking up mail using Eudora?

Would you like to send me a signed (not encrypted) message?

If so, use jhmeyyerss@hootpoop.coom
[actually, all doubled letters should be single],
and I'll reply likewise, then see whether
we can send each other encrypted mail
(I'm testing this with Eudora at the same time

-[ ]-

On Sun, 25 Mar 2007 09:36:44 -0500, "John H Meyers"
<jhmeyers@nomail.invalid> wrote:

>Select a certificate, click "View" then "Details"
>(this is what's actually *in* the CA-issued certificate);
>now click "Edit properties" -- you can label it
>with any "Friendly name" you wish.

Aha! That works to fix the Name problem.

But the error still occurs. I tried both my email address as it
appears in the error message and my "real name" in Eudora. Neither
works.

Maybe I am not allowed to use my Certificate to send encrypted email
to myself.

>> The Certificate works when I sign a message. But when I try to send
>> myself an encrypted message to myself, Eudora says that it cannot find
>> a Certificate for the recipient. Yet "myself" is the email address
>> I used to create the Certificate in the first place.
>> It is the login name for my account at Thawte.

>And also where you are picking up mail using Eudora?

I could not get past the error, and therefore never sent the message.

>Would you like to send me a signed (not encrypted) message?

I have already sent one of my signed messages to a friend and it
works.

The Cert. works with me as sender. It does not work for me as
recipient of my own encrypted message.

>If so, use jhmeyyerss@hootpoop.coom
>[actually, all doubled letters should be single],
>and I'll reply likewise, then see whether
>we can send each other encrypted mail
>(I'm testing this with Eudora at the same time

OK, I will send you a signed message which you can use to install my
public key. Then you can use it to send me an signed, encrypted
message from which I will install your public key. Then I will send
you a signed, encrypted message.

--

"An honest man, armed with all the knowledge available to us now,
could only state that in some sense, the origin of life appears
at the moment to be almost a miracle, so many are the conditions
which would have to have been satisfied to get it going."
-Sir Francis Crick

"The odds that a universe such as ours could have emerged
from a singularity are of the magnitude of 10^10^123)."
--Roger Penrose

On Sun, 25 Mar 2007 09:36:44 -0500, "John H Meyers"
<jhmeyers@nomail.invalid> wrote:

>And also where you are picking up mail using Eudora?

Are you asking me for my POP3 server?

>Would you like to send me a signed (not encrypted) message?

I sent you a message yesterday at 9:38am CT. It was signed but not
encrypted.

>If so, use jhmeyyerss@hootpoop.coom
>[actually, all doubled letters should be single],
>and I'll reply likewise, then see whether
>we can send each other encrypted mail
>(I'm testing this with Eudora at the same time

I used that address with the double letters converted to single
letters. I did not get any bounce message so it must have gotten thru.


--

"An honest man, armed with all the knowledge available to us now,
could only state that in some sense, the origin of life appears
at the moment to be almost a miracle, so many are the conditions
which would have to have been satisfied to get it going."
-Sir Francis Crick

"The odds that a universe such as ours could have emerged
from a singularity are of the magnitude of 10^10^123)."
--Roger Penrose

On Sun, 25 Mar 2007 10:38:02 -0500, Citizen Bob wrote:

> I will send you a signed message which you can use to install
> my public key. Then you can use it to send me an signed,
> encrypted message from which I will install your public key.
> Then I will send you a signed, encrypted message.

I received it, but because it got forwarded a couple of times
(from one of my accounts to another), it took a bit of
fooling around with the attached signature (renaming it
to xxxxxx.p7s) to import it directly into Windows'
certificate store, without help from Eudora,
which was successful.

But importing into Windows certificate store
wasn't enough to let Eudora find it when I tried
to send you back an encrypted message -- thus,
merely having other people's certificates in Windows' store
doesn't seem to suffice for Eudora to find it,
and that's why we can't even encrypt a message to ourselves,
using Eudora.

Besides playing around with that message to see what else
I can do with it (I'll try importing your cert into Eudora too,
although this didn't help with my own certificate),
I'll also send you a signed message directly
from Eudora, then we can see whether things work out better
when one copy of Eudora talks directly to another,
and if that succeeds, we can see what other element
is missing when we have certficates that are known
only to Windows, or which we have to receive
by forwarding from one account to another.

PGP/GPG has none of these problems, of course,
because signatures come with the signed message
right in the message body, and public keys
are either downloaded or emailed separately,
being stored automatically by a request to "decrypt" them.

-[ ]-

In article <460671f1.255451234@news-server.houston.rr.com>, on Sun, 25
Mar 2007 12:58:43 GMT, Citizen Bob wrote:

> The Certificate works when I sign a message. But when I try to send
> myself an encrypted message to myself, Eudora says that it cannot find
> a Certificate for the recipient.
>

Do you have "Add verified certificates to store" checked in the S/MIME
options?

If so, then after initially receiving a signed but unencrypted message
to yourself, you should then be able to send encrypted messages to
yourself.

I just tried it with a newly created Thawte cert, and it worked fine.

No offense, but have you read the S/MIME plugin's directions?

http://www.eudora.com/download/eudor...IME_Readme.txt


--
Seth Goodman

On Mon, 26 Mar 2007 16:27:53 -0400, Seth Goodman <seth_news@yahoo.com>
wrote:

>Do you have "Add verified certificates to store" checked in the S/MIME
>options?

YES!!!

>No offense, but have you read the S/MIME plugin's directions?

I have read that very document - every fucking word of it - at least
THREE times.

Fer Chrissake - do you take me for a fucking idiot! I was working on
computers before you were even a dirty look in your old man's eye.

Ever hear of an IBM 7094? Do you know what a punch card is?

<jeez>

--

"An honest man, armed with all the knowledge available to us now,
could only state that in some sense, the origin of life appears
at the moment to be almost a miracle, so many are the conditions
which would have to have been satisfied to get it going."
-Sir Francis Crick

"The odds that a universe such as ours could have emerged
from a singularity are of the magnitude of 10^10^123)."
--Roger Penrose

In article <46083c9d.376565437@news-server.houston.rr.com>, on Mon, 26
Mar 2007 21:38:23 GMT, Citizen Bob wrote:

> On Mon, 26 Mar 2007 16:27:53 -0400, Seth Goodman <seth_news@yahoo.com>
> wrote:
>
> >Do you have "Add verified certificates to store" checked in the S/MIME
> >options?
>
> YES!!!
>
> >No offense, but have you read the S/MIME plugin's directions?
>
> I have read that very document - every fucking word of it - at least
> THREE times.
>
> Fer Chrissake - do you take me for a fucking idiot! I was working on
> computers before you were even a dirty look in your old man's eye.
>
> Ever hear of an IBM 7094? Do you know what a punch card is?
>
> <jeez>
>


I already know how to use S/MIME in Eudora 7.1. It works fine for me - I
was offering to help *you*. But if you don't want help, fine.


Oh yeah - thirty years ago I used to be able to do an 029 program card
like nobody's business. Probably still could.


--
Seth Goodman

On Mon, 26 Mar 2007 15:27:53 -0500, Seth Goodman wrote:

> "Add verified certificates to store"

Curiously enough, whenever I added the certificates to Windows
*manually*, Eudora could not then find them, but when I checked
this option and then let Eudora add to the store (again)
on its own, *then* it began working (so thanks, this helped!)

I have again opened the Windows certificate store,
and for each person to whom I had been unable to
send encrypted mail earlier but now can,
I now have *two* certificates -- the one which I manually
imported (using the Windows "Import" function),
and then another which Eudora imported again.

When I compare all properties of each of the
certificate pairs, I can not detect the slightest difference
in displayed properties, yet when I try to send an encrypted message,
Eudora can find only the version which it imported for me,
*not* the manually imported version!

Although I had no trouble sending myself another signed message,
to get Eudora to import my own certificate a second time,
there existed no way to make that happen for a signed message
which was sent to me by someone else, originally at another address,
which in turn was forwarded to a Gmail account -- when
that message arrived, the attachment was no longer named
xxxxx.ems, but was in fact named "noname",
and that's how it arrived when downloaded to Eudora.

Therefore, there was no way to make Eudora recognize
that attachment directly by clicking an attachment named
"yyyy.ems" at the end of the message, because that
*wasn't* how the attachment was named at that point.

The entire system therefore seems flawed to me,
because when Eudora sends even a signed S/MIME message
directly to a Gmail account, the message arrives at Gmail
with an attachment named (literally) "noname" (and no extension)

How can Eudora ever be persuaded
to make direct use of that attachment?

The certificate is in that attachment, however,
and can be imported directly by Windows,
yet if I import it in that manner,
Eudora can't subsequently find and use it.

Even if my Gmail address has been issued a certificate,
how can I ever make use of any S/MIME message,
either only signed or both signed and encrypted,
if the attachments as sent by Eudora arrive at Gmail
with no name (as they do)?

There are no such problems when using PGP/GPG,
so I'm not much impressed with S/MIME, which seems
to work only if the messages are sent directly to
a POP mailbox from which direct download to Eudora
can be made -- any time that forwarding or relaying
is required, the entire system seems to break down entirely
(including the fact that manually imported certificates
show up in the Windows store with all properties
perfectly intact, yet Eudora's plugin can't find them).

-[ ]-

On Mon, 26 Mar 2007 18:11:00 -0400, Seth Goodman <seth_news@yahoo.com>
wrote:

>I already know how to use S/MIME in Eudora 7.1. It works fine for me - I
>was offering to help *you*. But if you don't want help, fine.

No one needs a smart ass like you telling them to RTFM, especially
when they have RTFM several times.

You could have been a decent person and pointed out what you thought
might be the problem and left the smart ass comments out.

You are a very insecure person to have to resort to that kind of
behavior to build your ego. Likely you have a justifiable inferiority
complex.



--

"An honest man, armed with all the knowledge available to us now,
could only state that in some sense, the origin of life appears
at the moment to be almost a miracle, so many are the conditions
which would have to have been satisfied to get it going."
-Sir Francis Crick

"The odds that a universe such as ours could have emerged
from a singularity are of the magnitude of 10^10^123)."
--Roger Penrose