Open Bug 188320 Opened 22 years ago Updated 2 years ago

Correct Text in "Message Security" Pop-Up for sent messages (see comment, 1 item 4)

Categories

(MailNews Core :: Security: S/MIME, defect)

Product:
MailNews Core
Component:
Security: S/MIME
Version:
1.0 Branch
Platform:
x86
Windows 2000
Type:
defect

Tracking

(Not tracked)

People

(Reporter: hauser, Unassigned)

References

(Depends on 1 open bug)

Details

(Whiteboard: [kerh-coz])

Attachments

(1 file)

Error Message Window (I still wouldn't mind being able to easily copy its text as ascii instead of having to upload a screendump)
10.06 KB, image/png
Details 
Build 2003010808

My From address (ralfhauser@gmx.ch) is in my Thawte certificate.
I get a valid signature, but the warning that the sender and signer may be
different. (Question Mark in signature icon).

I will next attach a screenshot and describe my suggestions.

Related bug is http://bugzilla.mozilla.org/show_bug.cgi?id=152865
Suggestions:

1) List both the sender and the signer e-mail address
2) Change the text from "it is unknown whether the sender and the signer are
the same person" to "the sender is only an alternate signing address of the
certificate - you may want to verify with the certificate owner whether still
all e-mail addresses listed in the certificate are active".
3) The second sentence could be dropped altogether once multiple e-mail
addresses per certificate are handled by Mozilla.

"Message is encrypted" paragraph:
4) "Message is encrypted before it was sent to you": If I am looking at my sent
folder, this is obviously wrong since I am the sender. Therefore, I suggest
5) List all recipient e-mail addresses the message was encrypted to (each with
a button to view the corresponding certificate as suggested in
http://bugzilla.mozilla.org/show_bug.cgi?id=185779)
1) to 3) will not be relevant anymore when bug 50823 is checked-in.
It can be considered duplicate of bug 50823.

5) is duplicate of bug 185779.

4) seems a rather minor point.

This leaves very little inside this bug.
Ralf, don't you agree we should close this as DUPLICATE ?
Or update the description to only keep this as a request to reword the text in 4)

Jean-Marc, all good points.
I changed the subject to focus on #4 (reduced its importance to "trivial") and
made the other two bugs predecessors of this one.
This way, once 50823 is closed, I'll learn that and if it covers also the
suggestions in here, I am happy to close immediately.
Severity: normal → trivial
Depends on: 50823, 185779
Summary: Validate against alternate subject names in Thawte Freemail Certificates → Correct Text in "Message Security" Pop-Up for sent messages (see 4)
Ralf, there's still a problem now that 50823 is checked in, there's no error
message anymore, but the email addres that is displayed in "Message Security"
does not always match the from of the message.

I created bug 200710 about this, before realizing it could be covered in this bug.
But I think bug 200710 is more focused on the problem, so I feel more like
keeping bug 200710 open about this at the moment.
Agreed, your http://bugzilla.mozilla.org/show_bug.cgi?id=200710 kind of covers
my 1), but not 4) which is the main reason this bug is still open...
similarly, the session key strength for the payload and used algorithm should be
shown as per Bug 229724
Mass reassign ssaux bugs to nobody
Assignee: ssaux → nobody
Product: PSM → Core
Whiteboard: [kerh-coz]
QA Contact: carosendahl → s.mime
Version: psm2.1 → 1.0 Branch
Product: Core → MailNews Core
Summary: Correct Text in "Message Security" Pop-Up for sent messages (see 4) → Correct Text in "Message Security" Pop-Up for sent messages (see comment, 1 item 4)
Severity: trivial → S4
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: