Here is summary of problems on GroupWise v8 Client running on Windows Vista. This is a recap of the detailed message I tried to send earlier that was lost, so I might not have remembered everything.

  • When viewing a message, if right-click on sender and choose "Information", the contact window doesn't always open, esp. when the contact has a public certificate stored (trusted).
  • When viewing a contact (e.g., open someone in the address book), you get a window with 5 tabs. If click on "Advanced" tab, then click on "Manage Certificates" button, a window titled "Contact Certificates" opens, but this window is always empty, even if certificates have been stored (trusted) for that individual. This behavior differs from the v7 behavior where the contact's "Certificates" tab showed the stored (trusted) certificates for that contact.
    • Therefore, there is no way to determine before sending an encrypted message whether you already have a public key certificate for the recipient.
    • Therefore, there is no way to backup the certificates of those folks for whom you've obtained public keys. Thus, if you have to switch computers or create a new windows user profile, you can't easily export/import the certs you've accumulated, thereby requiring you to re-exchange signed emails or look up the folks in a public directory. This is not optimal and is a backwards move from v7.
  • If you receive a signed message from someone, then reply to that individual with an encrypted email without first "trusting" their certificate, v8 happily sends the message, but the recipient can't open it because they don't have a corresponding encryption key.
  • Sometimes when you open the first signed message from an individual, the window shows a Red bar with a warning message about "security errors" advising you to click the red bar. Other times, you don't see this red bar, but only see the ribbon/padlock icon to the right of the subject line. If you click on the red bar or the icon, you get the familiar security properties window akin to v7 from which you can choose whether to trust the sender's certificates. I don't' understand why the difference in behavior and what triggers the red bar. I've observed that with the red bar, the security properties window does not show any "errors", but rather simply asks if you want to trust the certificates-this is clearly not an "error" so the red bar message about errors is confusing.
    • In addition, it is no longer obvious that you need to decide whether to trust a person's certificate. In v7, it always prompted you, but in v8 it does not. You have to know to click the red bar or the icon in order to discover if you need to make a trust decision. This, coupled with #3, makes for easily sending encrypted messages that can't be opened.
    • In addition, the ribbon/padlock icon is small and placed at the far right of the subject line on the window, so it is easily overlooked.
  • When you try to send an encrypted message, a pop-up window titled "Select Recipient" always appears. The instructions on this window read, "A recipient with multiple certificates is found, select one certificate to use:".
    • This message is confusing/wrong, esp. when you've stored (trusted) only one certificate for the recipient.
    • Furthermore, the contents of the window show all of the certificates you have trusted (stored), rather than just the certificate(s) corresponding to the recipient. This behavior differs from v7 in which the association was made automatically and you only had to choose when you had multiple certificates stored for the same individual. This is a step backwards from v7 and is very awkward.
  • Continuing #5 above, the situation is much worse when you send encrypted email to multiple recipients. You get the "Select Recipient" window pop-up separately for each person in the TO field, yet the window does not tell you which person it is asking about. I have observed that, if I choose the correct people in each of the dialogs, the message is sent and the recipients can decrypt, but I'm not sure if the order of selecting certificates is important-maybe I just got lucky. In any event, it forces you to remember the folks you've put in the TO list, which can be tricky, and for long TO lists, the multiple pop-ups are quite annoying. Again, this behavior is a major step backwards from v7.

Any resources to help us better understand how to manage certificates in GW8 appreciated.