K9 with OpenKeychain - is this right?

david donovan

unread,

Mar 1, 2019, 2:00:06 PM3/1/19

to K-9 Mail Developers List

I'm trying to get OpenKeychain to work with K9 and I can't get it to import my existing PFX email certificate. I have been unable to find any format that works with it either - PEM, CER, DER, CRT, nothing works. Then I found this:

https://lists.riseup.net/www/arc/openkeychain/2015-11/msg00025.html

In which it states that only a PGP key can be used, not an SSL key. Of course, I can generate one, but that's not an appropriate way of dealing with this issue because I cannot use that key to access existing encrypted email, nor can I use it with my existing mail server for encrypted email.

This was from three years ago, but is this still correct? If so that means that a normal email certificate issued by a proper CA cannot be used with K9.

That is absurd. What is the reasoning behind doing that?

David D

Philip Whitehouse

unread,

Mar 1, 2019, 5:45:13 PM3/1/19

to k-9...@googlegroups.com

OpenKeychain supports PGP/MIME. CA issued certificates are S/MIME - a totally different standard.

Best,

Philip Whitehouse

--
--
You received this message because you are subscribed to the K9 Mail Dev List.
To post to this group, send email to k-9...@googlegroups.com
To post an issue, go to http://code.google.com/p/k9mail/issues/list
To unsubscribe, email k-9-dev+u...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/k-9-dev

---
You received this message because you are subscribed to the Google Groups "K-9 Mail Developers List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to k-9-dev+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

david donovan

unread,

Mar 2, 2019, 2:21:19 AM3/2/19

to K-9 Mail Developers List

Yeah, exactly my point. Why would an encryption standard be implemented in an email client that is completely incompatible with the standard for email encryption?

Philip Whitehouse

unread,

Mar 2, 2019, 5:54:53 AM3/2/19

to k-9...@googlegroups.com

It’s not. PGP/MIME is probably more widely deployed than S/MIME. It’s a standard method for email encryption.

Neither is particularly common.

The main difference between the two is the trust model.

There is nothing preventing K-9 supporting both - PGP/MIME’s development was funded by an organisation interested in user privacy.

Best,

Philip Whitehouse

On 2 Mar 2019, at 07:21, david donovan <ddono...@gmail.com> wrote:

Yeah, exactly my point. Why would an encryption standard be implemented in an email client that is completely incompatible with the standard for email encryption?

--

Reply all

Reply to author

Forward