[SmartcardServices-Users] Sending S/MIME Smartcard-Signed E-Mail on Mavericks
Shawn Geddis
geddis at me.com
Sat Oct 19 07:41:26 PDT 2013
On Oct 19, 2013, at 6:41 AM, Chris Leduc <chrisleduc at me.com> wrote:
> Hello List!
>
> I use a SuisseID Smartcard to send signed E-Mail through Outlook. Outlook recognizes that the smart card is inserted into the Mac and lets me sign it properly. However, Mail.app does not show me the usual sign/encrypt buttons.
>
> The feature is still there, since it works when a certificate/key pair is installed directly in the keychain (from symantec in that instance).
>
> Any experience with that?
Chris,
Use of Mail for S/MIME (Sign/Encrypt) has no configuration required (unlike Outlook), but has the same requirements whether the identity is in a file-based keychain or a smartcard-based keychain:
The RFC822Name in the Email Signing Certificate MUST match exactly to the Email Account Address you are sending from. This also includes the RFC requirement that everything to the left of the “@“ is case sensitive:
Example: RFC822Name (Cert) Acct Address (Mail) Match ?
Good: user at company.com user at company.com YES
Fails: User at company.com user at company.com NO-> “U” < > “u”
Fails: user at othercompany.com user at company.com NO-> "othercompany" <> "company"
Make sure that you enter the email address in your Mail Account to match your RFC822Name in your email signing certificate.
This same requirement exists for sending encrypted to a recipient — you need to have entered the same address that matches exactly to the RFC822Name in their certificate.
- Shawn
____________________________________________________________________________
Shawn Geddis
Enterprise Security Consulting Engineer, Apple (geddis at me.com)
SCAP-On-Apple Project/Dev Lead: (SCAP-On-Apple.MacOSForge.Org)
SmartCardServices Project/Dev Lead: (SmartCardServices.MacOSFforge.Org)
____________________________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/smartcardservices-users/attachments/20131019/7c5f9dc1/attachment.html>
More information about the SmartcardServices-Users
mailing list