The Thawte Web of Trust FAQ
This list of Frequently Asked Questions has been compiled from the two Web of Trust discussion groups, and is intended to answer the most common queries asked by new Notaries and WoT members. For clarification or correction, please e-mail.
Digital Signatures are reported as invalid on discussion lists. Why?
It is frequently mentioned that when you send a message to a discussion list, and digitally sign it with your Thawte certificate, the signature is reported by your e-mail software as invalid when it arrives from the list server. The same is rarely true of PGP-signed messages.
To understand why this is happening, a quick summary of how digital signatures work with e-mail:
In summary, if you intend to sign an e-mail which is going to a list server, it is better to use PGP than S/MIME. See Question 1 in this FAQ for details of how you can add a Thawte certification to your PGP key.
Note: it may still be valuable for you to sign your messages using S/MIME - although the signature will be invalid, your certificate will be embedded, allowing others to encrypt to you and verify off-list messages.