Version: (using KDE KDE 3.2.1) Installed from: Compiled From Sources In short: after installing kmail and kmail-crypto (and maybe enabling the plugin) I should just be able to at least view and check S/MIME signatures and also have some GUI to install my own certificates for signing and/or encryption. Longer: I spent 3 hours trying to get S/MIME support in kmail running - using instructions from AEgypten pages - and failed (currently gpgme-openpgp.so crypto plugin seems to work but gpgme-smime.so reports that it has not been initializated without any further details and I have absolutely no idea what I can try to resolve it). And I am experienced Linux programmer and administrator (although without special knowledge about S/MIME itself). I can't even imagine 'normal user' to try... In my opinion the whole crypto-plugin thing should be organized so: 1) Whatever can be performed automatically during an installation, should be done (things like reconfiguring X-session to run gpg-agent, generating sample certificates, initializing certs database etc). 2) To activate the crypto-plugins, the user should set some checkboxes or select from the list instead of guessing what libraries are there and how they are named (of course some 'Other...' option for non-typically installed plugin could be present). The simplest solution: all plugins found in typical places are just visible in configuration window, they are just initially disabled. 3) When the user attempts to enable such a plugin, the whole rest of the initialization should happen. The user should be queried all the info kmail crypto needs to work and assisted in efforts like installing the existing certificate or buying one. The main point is that one should be able to configure everything one needs to have S/MIME working without running any openssl command manually. 4) In case bugs happen, there should be detailed error report.
Marcin, are you satisfied by what KMail 1.7 provides now? If so, can you please close this bug report?
I have not (yet) seen kmail 1.7 (I work using Debian packages, recent attempts to compile KDE 3.3 from sources resulted in numerous errors). When I get it I will let you know what I think.
For an extra datapoint... just built kdepim-3.3.1 packages for the kde-redhat project, and using Fedora Core 2. Using these, under kmail, Tools->Certificate Manager simply returns the error: The crypto plugin could not be initialized. Certificate Manager will terminate now. What magic incantations need to be done to make this work?
OK, found the HOWTO: http://kmail.kde.org/kmail-pgpmime-howto.html I'll give that a shot.
It works! Hardest part was getting gnupg2 built, and gpg-agent running.
yet it's still not easy enough for unexperienced users, or am I wrong? According to my experience everything but installing an RPM is too difficult.
The only solution for unexperienced users is that their distro comes with everything set up for them (gpg-agent automatically started with kde, etc.)
We think that it's the distributors task to provide all necessary packages and to start gpg-agent for the user. For SuSE 9.1 RPMs of all necessary packages are provided at ftp://ftp.suse.com/pub/people/adrian/aegypten2/9.1-i386. With SuSE 9.2 (which comes with KDE 3.3) it will work out-of-the-box.
Created attachment 8264 [details] gpg-agent startup script for /usr/env or ~/.kde/env Sample gpg-agent startup script
Created attachment 8265 [details] gpg-agent shutdown script for /usr/shutdown or ~/.kde/shutdown Sample gpg-agent shutdown script