Version 0.44 of premail contains limited support for S/MIME messages. Basic message formatting works, but there are problems with creating usable certificates, and there is still no support for an encryption algorithm interoperable with RC2. However, a few hearty souls may wish to experiment with the S/MIME functionality that is present. This section explains how to do it.
First, you must install RIPEM 3.0b2 (or later). This is available from the ripem export-controlled FTP site. You'll need to get an account on the server in order to download any of the export-controlled code - the GETTING_ACCESS file on the site explains how.
Once you have RIPEM installed (and the ripem
configuration option pointing to the executable), create a public key
with this command:
premail -ripemkey
You will then be prompted for your e-mail address. Alternatively,
you can give your e-mail address as a command line argument to
premail -ripemkey
.
After your key is created, you can send signed messages by adding
the ((ssign))
command. If you send a signed message to
another premail user, they will have your public key, and can send you
mail, by using ((encrypt=your@user.id))
.
The default encryption is Triple-DES. If the recipient can't
handle it, then ((encrypt-des))
will fall back to plain DES,
which most users will be able to decrypt - probably including
``export'' versions of S/MIME. Of course, the disadvantage of using
plain DES is that any competent spy organization will also be able to
decrypt the messages ;-).
Unfortunately, RIPEM 3.0b2 has some significant differences from other S/MIME implementations in the way it handles public key certificates. These prevent you from getting a VeriSign certificate you can use. It is, however, possible to accept VeriSign class 1 beta certificates by running the following:
> rcerts -u your@user.id
Enter password to private key:
E - Enable standard issuers...
...other choices...
Enter choice:
e
...V - VeriSign something or other...<newline>
v
Enter the number of months the certificate will be valid, or blank to cancel:
12
Enter choice:
q