Bug 369357 - KMail refuses to use a technically untrusted S/MIME certificate/key (sender and receiver)
Status: RESOLVED WORKSFORME
Alias: None
Product: kmail2
Classification: Applications
Component: crypto
Version: 5.1.3
Platform: unspecified Linux
Importance: NOR normal
Target Milestone: ---
Assignee: kdepim bugs
Reported: 2016-09-25 22:00 UTC by kolAflash
Modified: 2022-12-06 05:18 UTC

Description kolAflash 2016-09-25 22:00:04 UTC
There's no way to use an X.509 certificate/key for S/MIME from a CA which technically isn't trusted. Neither if it's your certificate (for sending / signing the mail) nor if it's the receiver's certificate (for encrypting the mail).

Maybe you don't want to trust a whole CA. But you may know that a certain certificate is trustworthy (e.g. by comparing the fingerprint or because you created the private key and anyone else has a copy).
Sadly there's no way to technically mark a single X.509 / S/MIME certificate trustworthy. That's only possible for CAs.
(maybe there should be such a possibility for single X.509 certificates - something to think about for Kleopatra - but as far as I know that's not the way X.509 works)
(yes I know, I should use PGP for that trust model, but my contacts sadly don't share that view and I don't want to trust their whole stupid CA - nevertheless I need to encrypt my emails to them)


If sending an email, using a technically untrusted certificate for yourself, KMail will just say (a situation that may also occur if someone else needs you to use a certificate from a CA you don't like): "Could not compose message: Not trusted"
No further explanation what's not trusted.
Instead there should be a warning that your own key isn't trusted. And there should also be the possibility to say "send anyway". Because, as said, you know that you can trust a single key (but you can't technically set that mark to a single X.509 key), but you don't want to trust the whole CA.


Similar thing the other way around:
Send a message to a receiver whose key technically isn't trusted. KMail will give you a short warning, saying:
|  One or more of the OpenPGP encryption keys or S/MIME
|  certificates for recipient "recipient@example.com" is not
|  fully trusted for encryption.
You can click "Cancel" or "Continue" and you can also select "Do not ask again".
But even if you choose "Continue", KMail will refuse to send the mail, telling you: "Could not compose message: Not trusted"

Reproducible: Always
Comment 1 Justin Zobel 2022-11-06 09:25:11 UTC
Thank you for reporting this issue in KDE software. As it has been a while since this issue was reported, can we please ask you to see if you can reproduce the issue with a recent software version?

If you can reproduce the issue, please change the status to "REPORTED" when replying. Thank you!
Comment 2 Bug Janitor Service 2022-11-21 05:12:26 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 3 Bug Janitor Service 2022-12-06 05:18:59 UTC
This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!