Remix clone Hacker News

new | show | ask | jobs Github

▲

Avamander 5 days ago

How would recipients know to expect an S/MIME signature though. It's not like it's enforced by MTAs like DMARC is.

▲

traceroute66 5 days ago | parent [-]

IIRC, if you're using Apple's Mail client it gets validated against the root cert shipped with MacOS/iOS. You get a little black tick next to the sender.

In theory, third-party places like gmail could (should ?) automagically verify S/MIME sigs where a root cert is readily available.

	▲	Avamander 4 days ago \| parent [-]
		Support for verification is indeed widespread, but if it's missing there's nothing to verify. There's no system in place to warn the user when there is no signature and that there should be one.