"Learn" incomming S/MIME certs?
but someone can help me with this.
We've got a PGP US 2.10 (might as well upgrade to 3.x if needed) in gateway placement using mainly PGP key material. But in the future we will have to use S/MIME signing/encrypting with one of our partners to exchange e-mails.
Now it would be nice if we could automate the learing of the involved S/MIME certs, so that we would not have to continually exchange certs.
We will probably have to start with exchanging our root certs (in my case the org cert public key I guess?) and somehow tell our PGP US to "learn" the other sides S/MIME certs from S/MIME signed emails.
Then we would need a rule which SIGNS e-mails to the partners domain with the senders cert, so that the other side can learn and then another rule which would search the subject for like "[PGP]" or sensitivity "confidential" and if no key found -> bounce.
I've read there was some sort of key/cert cash, but I'm not sure...