The account manager for mail/news should show the security panel for newsgroup maessages, too. It should be possible to configure signing prefs, but not encryption prefs.

This is missing functionality that currently exists in 4.x clients.

Also, the doco shows a "Security" item for Newsgroup servers, too, which is misleading. My 1.0RC2 doesn't have it, which is interesting. However, if I write a message which goes both to a regular email recipient *and* to a newsgroup, then it will be sent signed to both and show up fine on the newsgroup. This workaround does not work if I start from the newsgroup, like trying to respond to a posted message.

*** Bug 146654 has been marked as a duplicate of this bug. ***

Body of 146654: I set up my main email account to digitally sign messages, mostly to provide some extra testing of dogfood. When I compose an email message, I can disable the signature on a per-message basis. However, I don't have that option for newsgroup messages. I'm not sure why we don't have a separate Security tab for newsgroup accounts, since I don't really need to sign them, and other newsgroup users complain that it makes them too large. ------- Additional Comment #1 From Mitchell Stoltz 2002-05-24 12:42 ------- -> PSM S/MIME. I agree that options for Mail and News should be separated in this case. ------- Additional Comment #2 From Charles Rosendahl 2002-05-30 16:52 ------- Not sure what you mean. Signing news messages is not officially supported in 7.0 There are two bugs that relate to what I believe you are referring to. One: Switching sender should set security settings accordingly within the composition window. Two: Signing of newsgroup messages is not supported. Currently if you enter through the email account and change the recipient type to newsgroup, the settings are not changed. If you enter through the newsgroup account, the settings are not set and cannot be set unless you manually tweak your prefs file. marking this a duplicate of 134949 and incorporating these comments into that bug for tracking purposes once we get around to implemeting this feature. As an aside, I'm not sure if we should change the security settings when we change the recipient type based on whether it is a news message or not. Since multiple news accounts may be configured, which news account would we set the preferences to? Tis better to enter through the news account directly.

We don't support sending signed messages, without specifying own's cert for receiving encrypted messages. (Details in bug 115294, in short: Users expect to be all set for sending encrypted messages by receiving a signed message and we should break that general rule.) As a consequence, even when preparing a signed newsgroup message, we must still know which certificate the user wants to use for receiving encrypted messages. Because we have that as a separate configuration option, we need to include the encryption box for newsgroup accounts, too. The only thing we can (and should) change in the newsgroup prefs UI: the "use encryption" setting. I vote that we do not remove it from the UI, but force selection of "never encrypt" and disable the "require encryption" in the UI. Argument 1: The user will be aware that encryption for newsgroups is not possible / supported. Argument 2: I heard there is a RFC how S/Mime newsgroup encryption could work, and at some point in the future we might want to support that. So the work required to implement this bug is: Activate showing the tab and lock the encryption setting to "never". Users will need to configure both certificates for newsgroup accounts, too.

I don't want to work on this before 160499 is done. I realize the logic to enable/disable controls in the S/Mime prefs UI is not consistent with the application behaviour. We should fix that before we make the enable/disable logic more complex (for newsgroup settings).

We should still allow users to include an encryption cert in a signed newsgroup message. There could be a checkbox that says: "include this encryption certificate in my signed message".

Another reason for allowing the inclusion of the encryption cert: replying back directly to the sender rather than the news group containing the news posting allows the opportunity to encrypt the reply.

I'm confused. I believe we already agree, but you seem to think we do not. I guess my comments were unclear. In my comments I wanted to say: "Yes, we need to require the user to configure both".

No disagreement Comment #5 is clear - I just wanted to add the basic reason why a sender's encryption cert would be added to a newsgroup message in the first place. As far as I can see we have - reply to newspgroup: signing only, no encryption possiblie reply all: siging only, no encryption possible (the list includes one or more newsgroups) reply to sender: encryption possible forward: encryption possible These may be accessed via the menu bar, tool bar, and the right mouse button. One thing to look at would be default settings: when replying to sender or forwarding, we implicitly switch from the newsgroup to a mail account.

Thanks for your comments. I'd like to fix this bug together with other changes and have attached a proposed patch to bug 115294.

The strategy has changed, I no longer can fix this bug together with bug 115294. They are again separate issues.