Closed Bug 74157 Opened 24 years ago Closed 2 years ago

[meta] S/MIME support

Categories

(MailNews Core :: Security: S/MIME, enhancement)

enhancement

Tracking

(Not tracked)

RESOLVED INACTIVE

People

(Reporter: jmdesp, Unassigned)

References

(Depends on 11 open bugs)

Details

(Keywords: meta)

There's some discussion around about the need of S/MIME support in Mozilla/Netscpae 6, but no specific bug opened for that. I know everyone in Netscape has many things to do for Mozilla, but S/MIME is really important. It's hard for me to imagine version 1.0 would ship without S/MIME. SSL/TLS was a requirement for the navigator from the start. Why is S/MIME so low in the order of priority comparatively ? Well, at least this RFE will make clearly visible what level of importance Netscape is giving to this. Most of the bricks needed for S/MIME are there, NSS has all the component required, the signing/encrypting UI is being created for the PGP plug-in. BTW currently a signed mail where the signed content is included inside the signature will generate the following display : This is an ENCRYPTED message. Mozilla Mail does not support encrypted mail. In that case, it's false, the message is signed, not encrypted, but the signed content is not available separately from the signature.
Security:Crypto
Assignee: mstoltz → ddrinan
Status: UNCONFIRMED → NEW
Ever confirmed: true
Product: MailNews → Browser
cc people
Component: Security: General → Security: Crypto
If I understand the Mozilla schedule, S/MIME will not be done in time to ship 1.0. We are, however, staffing up to take the existing S/MIME libraries in NSS and reflect them in the mail client. Volunteers should contact lord@netscape.com. Stay tuned to the mozilla.crypto newsgroup. We'll post there as we make progress.
Component: Security: Crypto → Client Library
Product: Browser → PSM
Version: other → 2.0
Target Milestone: --- → Future
*** Bug 85249 has been marked as a duplicate of this bug. ***
*** Bug 89232 has been marked as a duplicate of this bug. ***
*** Bug 91586 has been marked as a duplicate of this bug. ***
Mass assigning QA to ckritzer.
QA Contact: junruh → ckritzer
Blocks: advocacybugs
Since Netscape 4.x had this feature Mozilla 1.0 shouldn't be released without S/MIME support. The people who need encrypted mail can't change to Mozilla without S/MIME.
*** Bug 103030 has been marked as a duplicate of this bug. ***
*** Bug 63288 has been marked as a duplicate of this bug. ***
QA > alam
QA Contact: ckritzer → alam
*** Bug 84213 has been marked as a duplicate of this bug. ***
Depends on: 95262
Depends on: 105526
We're starting the process to land the first cut at S/MIME support in the Mozilla Mail client. This first cut will have close to no UI, but it will allow you to send and receive signed and encrypted email. The first draft of the UI specs will follow shortly after. You should expect to see some progress in the next 2-3 weeks if all goes as planned.
Let us know how we can test it
Priority: -- → P1
Target Milestone: Future → 2.2
*** Bug 108548 has been marked as a duplicate of this bug. ***
*** Bug 108556 has been marked as a duplicate of this bug. ***
S/MIME seems to be in now... just to let those people know who wanted to know :)
I just downloaded the latest 11/13 build and it is not there. And even worse, the security manager is gone! I cannot manage my certificates now. Please explain how we are to access the S/MIME features?
I found out that MailNews now displays a message about verification of signed S/MIME messages. E.G.: I've recieved a signed message. Here's a fragment of its Content type: Content-Type: multipart/signed; micalg=SHA1; protocol="application/x-pkcs7-signature"; When I click to read it, i get a messagebox stating "This is a signed message with a valid signature". Are there any more goodies?
Aha, all those new features are listed in attachment 54120 [details].
Is this support in the public trunk? I downloaded today's version for Linux, and while there are options to sign and encrypt, they do nothing. They do not even trigger the certificate selection process. The 111303 windows (2k) version (Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.5+) Gecko/20011113) does not even have the security option in the mail composition window. Am I missing something here?
you first select your cert under mail server options. The sign/encrypt options will then work. -GA
The user interface is surely a lot worse than in Netscape. I did all you said, and now the mail send fails, saying to check the mail server settings. Also, when I pop up the security options menu in the Linux compose window, selecting any of the options does not seem to stick. There is no dot next to the option when i click it and then come back to the menu.
"...and now the mail send fails, saying to check the mail server settings." reference: http://bugzilla.mozilla.org/show_bug.cgi?id=108912
I tried today's linux build (SuSE 7.3 dual processor pentium pro) again. When I turned off the sign mail box, it was able to send mail. When I turned it back on and tried again, Mozilla crashed. Twice. The feedback agent sent 2 reports ....
The final design is still being worked out. this is a daily build release that will help us work out the bugs in the underlying crypto libraries. For the UI, see: http://www.mozilla.org/mailnews/specs/security/ and http://www.mozilla.org/mailnews/specs/security/Options.html
Please see also netscape.public.mozilla.crypto
I'm working in build 2001112806 on MacOS X (10.1.1) and if I have the option selected to sign a message when it is being sent, I get an error saying "Sending of message Failed. Please verify that your Mail & Newsgroups settings are correct and try again." If I disable the option to sign, mail sends just fine. I'll be glad to do more testing if anyone wants me to try something.
OK, I kinda need to rescind that last report. The problem appears to be that you get that error if you are trying to use a certificate that is not trusted (in my case, the root CA was not installed). But never the less, the error is still a bad one. I guess one needs to get an error saying that there is a problem with the certificate that you are trying to use to sign email.
Now that S/MIME Support was checked in and enabled, shouldn't this bug be closed?
If it is enabled, it surely does not work for me yet on yesterday's build. There are at least "user interface" issues since it works like a charm for me on Netscape 4.7x, but I cannot get a signed or encrypted message sent. Perhaps a short tutorial posted here might solve this. I usually get an error about a misconfiguration of the mail server.
A big problem with the S/MIME interface is that it does not allow you to select the recipient's certificate. I for example have one certificate, but about 6 e-mail addresses. If a person wants to send me e-mail at other than the address in the certificate, he is out of luck. The option/security menu does not allow an encrypt and/or sign just this message. In general, I do not want to encrypt or sign everything! A poster here said S/MIME will not work unless all the CAs are "trusted." Well, if the send fails because of this, a pop-up needs to be generated saying which CA is the problem and also allowing the user to decide whether to trust it just this once, or forever, and for what purposes.
My mail still fails to send if I check encryption or signature. And A lot of the times, the buttons for these do not stick. I set them, and for the same message, return to the security settings option, and they are unset again. So if the encrypt option is set, the mail will not send, or else, it cannot be set.
I'm seeing this too now (send failed if signing checked).
regarding comment #33. You can certainly set your cert in the account manager, then decide not to check the sign messages. Once you've done that you can use the option menu to set the signing and encryption for each messages. This works with build 2002010903 Currently the s/mime implementation is only here to catch s/mime libraries issues. The specs for the ui can be viewed at http://rocknroll/users/jglick/publish/Security/Security.html Trust issues are central to the PKI model. We will provide better feedback when reading an email whose signature fails to validate. We will provide feedback on why a email cannot be signed/encrypted. If you're currently unable to send a signed email you may be hitting a variety of bugs, or your mail account may not be configured correctly. If you want to help, you may want to try and isolate the issue by setting up a new profile, by trying different scenarios. Things that may affect your ability to find your own signing cert (many of them bugs that need to be fixed) are: Not yet logged in to the software security device (the client should prompt you). The setting of prefs->sec->certificates->ask every time/choose automatically. Certificate database corruption issues (testing on a new profile help isolate these). Certificate issues (expiration date, trust, broken CA chain, untrusted CA, etc...) Use of Hardware devices. Random Mozilla regression in the XUL which cause the prefs settings or the options/security menu of the compose window to be broken (javascript console may help isolate these.) Regarding email addresses and certificates. When you sign an email send from one account, the various rfc strongly recommend that the certificate used to sign the email contain the email address of the sender in the altSubjectName field, or the E= attribute of the cert subject name. Without this, it's very easy to take a non signed email send by a@foo.com, modify it (buy 1,000,000 of this rather than 1,000) sign it with a different cert (the signature will be "valid") and let it go to the recipient who would be given a feedback that the email is "signed". Note that certificates can have multiple addresses in the altSubjectName (although mozilla may not work well yet in that case - but it's in the plan). Thawte certificates for example allow you to add email addresses to them (actually you a new cert based on the same key material is issued). The other way to handle multiple email addresses is to have different Mail/News accounts with different certificates. This is definitely supported today. There maybe many reasons to want to have different certificates. One may be issued by your employer, one may be for personal use. You wouldn't want to use one for the other, as employer often escrow the encryption keys. Other reasons may include how the certificate was issued (certain "classes" of certificate require you to have a face-to-face encrollment procedure to verify your identity. The cert would carry much more weight.)
http://rocknroll/users/jglick/publish/Security/Security.html does not work for me..... I have no problems using certificates with Netscape 4.x... For commercial purposes, I agreee about that e-mail address matching the certificate address is a good idea. But if I want to send private mail to friends, they will know it is me, even if my account and e-mail do not match. Managing user certificates gets to be a nightmare, and certificates cost money, so having many is hard to justify. If I encrypt a message with a certificate that does not agree with my e-mail address, my receiver, if they already have and trust my certificate, knows that it was encrypted with my private key, so if the certificate has not been revoked, it really did come from me. The situation gets more complex when I have multiple e-mail aliases that all go to the same place. I am jar@ornl.gov, romeja@ornl.gov, romeja@y12.doe.gov. They all get sent to the same place, and I cannot always control which one is used. In any event, this choice should be up to the user.
Another option to check is your OCSP setting. See Bug 119540
The inteface spec helped a bit. I sent myself a signed message (to my pop account), and the expanded subject said signed, but there was no visible signature icon, nor any way to see the signature. I was able to view the message source and see the signature in a non-readable format.
I have been able to : - read and verify succesfully signed emails - read and fail verify (CA not trusted) of signed emails - send encrypted email AFAIC, the initial RFE is done. I can sign, I can encrypt. Now the UI still need work. I can't have a description of why the check failed or see the certificate of the sender (comment #37, this was in 4.x), and some people want more sophisticated treatement of the relation email-certificate as can be seen in some comment (comment #33, comment #37 , this wasn't in 4.X). AFAIC, I feel this requests could be in seperated bug, and this bug closed-verified. For people who are used to N 4.X, finding where to set the certificate options for mail is really difficult and non intuitive, even if the sheer fact of linking then to mail account is a very good idea. Finding how it can be enhanced could be a usability bug, too.
I think you need to give us folks some clues about how to do all of this. I sent myself a signed message. There is NOTHING on the window to indicate this. If I expand the subject pane, it says <signed>, but I find no way of viewing the signature. I tried to send an encrypted piece of mail to myself. It complained that it couldn't find my certificate. I went to the LDAP and downloaded it, so it should have been in the list of "others" certificates. But it is not there. When I view my personal certificates, the e-mail address is not listed. Another issue is that we have e-mail aliases. I am jar@ornl.gov and romeja@ornl.gov. They both go to the same place. I need a way of seeing which address my certificate is for. What am I missing?
For the UI please look at the specs as described in comment #27 (only the first link is relevant.) You're using an alpha product as far as s/mime is concerned. You should not rely on it.
I saw none of the widgets described in the spec in my signed message.
exactly. the specs is what you'll have when we're done.
Adding some S/MIME bugs to dependencies.
Target Milestone: 2.2 → ---
more dependencies
Depends on: 37020, 115010
Please consider adding a dependency on bug #117992, filed on a problem in retrieving new certificates from Thawte. Thawte Freemail is currently the only to get a free and widely-recognized personal certificate, so this is quite critical for many potential users of S/MIME.
adding bug 117992 to dependencies.
Depends on: 117992
A nice guide was noted by Stephane Saux a month ago in news://news.mozilla.org:119/3C4F6A59.8080600@netscape.com which should help people figure out how to get started testing: Sean Cotter put together the following document on using the preliminary s/mime functionality now present in daily mozilla builds. The UI is not fully implemented. It includes information on getting a test certificate so that one can get going. Note that these certificates have a 7 day validity period, so one has to go and obtain new certs fairly regularly. http://www.mozilla.org/projects/security/pki/psm/smime_guide.html
Another free source of S/MIME certificates is Jeff Schiller's fancifully named "Black Helicopter Organization". Before you ask how much you should trust these certs, ask yourself how much liability the commercial cert providers are willing to accept for their certs.... http://www.black-helicopter.org/bh/ These are not dual-key certs, so they allow testing different aspects of Mozilla than the Netscape Test Certificate Authority certs at https://testca.netscape.com/ Jeff's also are valid for a lot longer - one year.
Depends on: 128869
Keywords: nsbeta1+
Target Milestone: --- → 2.2
Depends on: 129100
Component: Client Library → S/MIME
QA Contact: alam → carosendahl
Depends on: 136814
Depends on: 50823
Depends on: 135636
Depends on: 137071
Depends on: 139561
Depends on: 119394
Target Milestone: 2.2 → Future
removing nsbeta1+ as this is a tracking bug
Keywords: nsbeta1+
Summary: [RFE] S/MIME support in Mozilla Mail → [RFE] S/MIME support in Mozilla Mail tracking bug
Depends on: 121906, 144435
Depends on: 161275
Keywords: meta
Summary: [RFE] S/MIME support in Mozilla Mail tracking bug → S/MIME support in Mozilla Mail tracking bug
Blocks: majorbugs
There seems to be an inability to handle S/MIME e-mail from Outlook Express. The mail looks like: <usual mail header> This is a multi-part message in MIME format. ------=_NextPart_000_000E_01C30B52.0C15E090 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit <mail message textual content> ------=_NextPart_000_000E_01C30B52.0C15E090 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIPpzCCA60w ggMWoAMCAQICBDyGbZ8wDQYJKoZIhvcNAQEFBQAwbjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1Uu Uy4gR292ZXJubWVudDEdMBsGA1UECxMURGVwYXJ0bWVudCBvZiBFbmVyZ3kxJjAkBgNVBAsTHU9h ayBSaWRnZSBOYXRpb25hbCBMYWJvcmF0b3J5MB4XDTAyMDMwNjE4NTcyOFoXDTIyMDMwNjE5Mjcy OFowbjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEdMBsGA1UECxMURGVw ..... k7OtvjyeMAeHi47gAPr54tT2qxa8eAks7qd60xLFpv9+wqXIqiUjYoh3x8QIhM78MLTkPUd9NQUA AAAAAAA= ------=_NextPart_000_000E_01C30B52.0C15E090-- 1) The signature icon in the bottom border is not there 2) Inside the attachment window, is an icon that says it is signed, but you can't tell unless you open the attachment panel. 3) There seems no way to import the .p7s file into my Mozilla so I can use his public key. I even tried clipping the signature file, putting it into a .p7 file, but that did not work either. I am using build 2003041704 on win2k. Why isn't this working?
James, this kind of question should be reserved for the support newsgroups (news://news.mozilla.org/netscape.public.mozilla.crypto or news://news.mozilla.org/netscape.public.mozilla.mail-news), not added to a bug report like this one. If indeed there's a problem in Mozilla, it should be added as a new bug only once there's a better description of it. I received hundreds of signed/encrypted mails from Outlook users, they usually work. The "usual mail header" part is the one that sounds the most suspicious. If you want someone to answer you on the newsgroups, send *all* the headers and all the content of the mail (anonymize mail adresses first).
Depends on: 209166, 209168
Depends on: 209182
Depends on: 200862
Mass reassign ddrinan's PSM bugs (with his permission) to nobody
Assignee: ddrinan0264 → nobody
QA Contact: carosendahl → nobody
Target Milestone: Future → ---
Product: PSM → Core
No longer blocks: majorbugs
QA Contact: nobody → s.mime
Version: psm2.0 → 1.0 Branch
Version: 1.0 Branch → Trunk
Product: Core → MailNews Core
Priority: P1 → --
Depends on: 1481969
Depends on: 531073

Are the bugs in this component going to be getting attention anytime soon?
It would appear these have mostly lingered for more than a decade and despite an emphasis on encryption, that apparently only means open PGP.

THe fact that Thunderbird periodically can't find a certificate that the UI has no trouble finding is worrisome in the least. Bug 1481969 12 years ago.

No longer depends on: 531073, 1481969
Depends on: 1481969
Severity: normal → S3

s/mime has its very own component. And given this is inactive for twenty years and the meta bug today lacks a clear focus, I think we can close this.

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → INACTIVE
Summary: S/MIME support in Mozilla Mail tracking bug → [meta] S/MIME support
You need to log in before you can comment on or make changes to this bug.