Open Bug 1836276 Opened 2 years ago Updated 2 years ago

Treat OpenPGP/SMIME email messages with certain CSS elements as unsigned

Categories

(Thunderbird :: Security, enhancement)

enhancement

Tracking

(Not tracked)

People

(Reporter: KaiE, Unassigned)

References

(Blocks 1 open bug)

Details

We have unresolved issues related to digitally signed email messages that use CSS rules for styling.

HTML formatting and CSS rules can be used to change what the user sees on screen.

For example, HTML tags could be used to make text so small that it's effectively invisible. With CSS rules, a wide set of creative modifications can be made to produce a message that is shown differently, based on the properties of the device the recipient uses to view the message.

As a partial solution, covering some more extreme ways to modify the rendering, we have implemented stripping of some CSS rules, e.g. device specific rendering, see bug 1530106.

However, users have expressed that they are unhappy with that approach.

This bug suggests a new solution for this scenario:

  • if a message contains any CSS rules,
    then drop all security indicators,
    and don't indicate the message as being digitally signed
  • allow full rendering of the CSS as is
Blocks: 1603299
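Added example, not part of the bug report and not Thunderbird's own code: a small JavaScript check that applies the proposed rule (any CSS in the HTML part means no "signed" indicator, but the body is still rendered as is). The message shape `{ signatureValid, contentType, body }`, the `signatureValid` flag (assumed to come from the existing OpenPGP/S-MIME verifier), and the regex-based scan of the raw HTML are assumptions made for the example; a real implementation would walk the parsed DOM instead. Plain HTML tricks such as `<font size="1">` are outside the proposal and pass this check, which only covers CSS. The sample messages are constructed.

```javascript
// Added example (not Thunderbird code): a heuristic that implements the
// proposal in this bug for display purposes only. It does not verify the
// signature; `signatureValid` is assumed to come from the existing
// OpenPGP/S-MIME verifier. Scanning is done on the raw HTML with regular
// expressions; a real implementation would walk the parsed DOM instead.

// Each entry names one way CSS can reach the renderer.
const CSS_INDICATORS = [
  // <style> ... </style> blocks (also where @media rules normally live)
  { name: "style-element", re: /<style\b[^>]*>/i },
  // inline style="..." attributes on any element
  { name: "style-attribute", re: /<[a-z][^>]*\sstyle\s*=/i },
  // external stylesheets (normally not loaded for mail, but still CSS)
  { name: "stylesheet-link", re: /<link\b[^>]*\brel\s*=\s*["']?stylesheet/i },
  // device-dependent rules, the case bug 1530106 strips today
  { name: "media-query", re: /@media\b/i },
];

// Return the names of every CSS indicator found in an HTML body.
// The check is deliberately over-inclusive: a false positive only hides
// the "signed" indicator, while a false negative would show it on a
// message whose rendering can be steered by CSS.
function findCssIndicators(html) {
  return CSS_INDICATORS.filter(ind => ind.re.test(html)).map(ind => ind.name);
}

// Decide whether the UI may show the message as digitally signed.
// `message` is an assumed shape: { signatureValid, contentType, body }.
function signatureDisplayState(message) {
  if (!message.signatureValid) {
    return { showSigned: false, reasons: ["no-valid-signature"] };
  }
  // Only an HTML part can carry CSS; text/plain keeps its indicator.
  if (!/^text\/html\b/i.test(message.contentType)) {
    return { showSigned: true, reasons: [] };
  }
  const reasons = findCssIndicators(message.body);
  return { showSigned: reasons.length === 0, reasons };
}

// Constructed sample messages, all assumed to carry a valid signature.
const SAMPLES = {
  plain: {
    signatureValid: true,
    contentType: "text/plain; charset=utf-8",
    body: "Please wire the funds to account 123.",
  },
  htmlNoCss: {
    signatureValid: true,
    contentType: "text/html; charset=utf-8",
    body: "<p>Please wire the funds to account <b>123</b>.</p>",
  },
  // Shows one account number on a narrow viewport and another on a wide one.
  htmlMediaQuery: {
    signatureValid: true,
    contentType: "text/html; charset=utf-8",
    body:
      "<style>.wide{display:none} @media (min-width: 800px){.narrow{display:none}.wide{display:block}}</style>" +
      "<p class=\"narrow\">Account 123</p><p class=\"wide\">Account 456</p>",
  },
  // Text shrunk to 1px via an inline style, effectively invisible.
  htmlInlineStyle: {
    signatureValid: true,
    contentType: "text/html; charset=utf-8",
    body: "<p>Account 123<span style=\"font-size:1px\"> (see 456 instead)</span></p>",
  },
};

for (const [name, msg] of Object.entries(SAMPLES)) {
  const state = signatureDisplayState(msg);
  console.log(name, state.showSigned ? "show signed" : "show unsigned", state.reasons);
}
```

Only the plain-text and CSS-free HTML samples keep the signed indicator; the media-query and inline-style samples are shown unsigned while their CSS is still rendered unchanged, which is the trade-off the proposal describes.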