Like the Recipient Alias feature for OpenGPG I would like to have a way to specify, that I want to force use another, non-matching, key for encryption for S/MIME.
My use case is that I have a unified inbox at my one provider but use another mail address at my university. For incoming mails the university forwards all mails to my provider. For outgoing mails I have configured an address where I send all mails outgoing via the university using the BCC to my one provider back so I, first, have all mails outgoing still saved in my central inbox and, second, I can verify that the mail was sent correctly (I had problems with that in the past and this is a reasonable way to verify, that the universities' server processed my mail). However, with this BCC, I'm not able to use S/MIME encryption as Thunderbird requires a key matching to it.
In KMail for KDE, for example, I could simply specify (and save it to the contacts) that this special return address, which of course, is not included in my certificate from my university, requires encrypting S/MIME mails with said key. Now KMail just uses that instead of requiring a matching key. Having an selection like that stored in the contacts, or at least asking the user, which encryption key to use as no matching was found, or a similar solution like the "Recipient Alias" feature should be reasonable to implement for use by advanced users.
I don't want to create another key for this return address as it either requires me to get a S/MIME for certificate for an address I don't need one (I'm the only one using it, and it would probably cost money) or to generate a new one and creating and trusting a new CA I create myself (which is an unnecessary security issue).
... View more