Jackie Hunt wrote:
Our users run a wide variety of clients, so it'd be difficult to confirm that we wouldn't affect someone with the TLS capability, even with a trusted authority.
For reference purposes, in most mail clients there is a single "Trust this certificate forever" dialog that has to be responded to, even with a self-signed certificate. After you instruct the client to trust that certificate (regardless of the chain), the dialog never reappears. You may be worrying for no reason (or you may have particularly timid users, for which you have my sympathy).
John
-- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4501 Forbes Boulevard Suite H Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5748