1) it seems a standard is to accept importation of PFX file, the default format when exporting from browser. Would be nice to make that work, most webmails and clients like Thunderbid, expect that format, which is the default when exporting from browser. For SMIME to work in new GO we had the work to have to convert from PFX to PEM...
2) After you import certificate, it doesnt ask for pass phrase. When you send a first email signed digitall it does ask for passphrase.
Then I send a few more emails that same day, it didnt ask for pwd anymore. But then the next day I sent again signed digitally and it asked for pwd again. Strange, most clients save the passphrase.
3) No way to always sign digitally by default? I believe this possibility existed in old GO.