PGP integration with CAs outside of PGP's PKI
I'm not sure I entirely understand how PGP’s implementation of secure messaging differs from a Microsoft solution (S/MIME)... http://forum.pgp.com/t5/PGP-Desktop-for-Windows/PGP-Desktop-and-S-Mime-Outlook-No-go/td-p/37017
It appears that PGP strips the signature from incoming emails that have been signed within Outlook (via a Microsoft certificate with digital signature extension).
*Funny behavior on the Outlook side as well: Outlook will identify signatures generated within PGP – only until it’s opened or you try to use the key (reply with encrypted message) back to the email address that signed that email. Outlook will show a small certificate icon on that email until you interact with the “.sig”.
…if I export the Microsoft certificate (public key only) used to sign emails on my Outlook side to my PGP machine, it will identify the “Public x509 certificate file” and complete the import. When I go to transmit an email to that user as it appears on their certificate, PGP pops up and says “key not found, email blocked”.
…I’ve tried adding the CA’s root key (public) to this machine’s trusted “root”, so it has a trustpoint for the certificate… I’m beginning to think I’m doing something fundamentally wrong, or missing something really stupid.
I have a Microsoft-issued certificate (RSA key pairs) with email signing attributes, generated via an internal Microsoft CA. These certificates can be used within Outlook to sign/encrypt messages; all is well… I’d like to have this PKI send to a PGP client.
Outlook (public X.509) certificate encrypting emails to a PGP client. Can this be done?
Many thanks to all/Tom,