Closed
Bug 133995
Opened 22 years ago
Closed 22 years ago
Possible to send encrypted mail using untrusted recipient certs
Categories
(MailNews Core :: Security: S/MIME, defect, P1)
Tracking
(Not tracked)
VERIFIED
FIXED
psm2.3
People
(Reporter: KaiE, Assigned: KaiE)
Details
(Whiteboard: [adt1 rtm] [ETA 06/18])
Attachments
(1 file)
|
1.47 KB,
patch
|
javi
:
review+
mscott
:
superreview+
jud
:
approval+
|
Details | Diff | Splinter Review |
Make sure you have a cert from someone else. Edit the trust of the CA that signed the cert. Compose a message to that person, choose "encrypted". Open the "message security" info. You'll see that the dialog says "not trusted" for the recipient cert. Send the message. Actual behaviour: Sending works. Expected behaviour: Sending is blocked and an error message about the non trusted cert is shown.
|
||
Updated•22 years ago
|
QA Contact: alam → carosendahl
|
||
Comment 1•22 years ago
|
||
This seems serious enough to warrant fixing by RTM.
Priority: -- → P1
Target Milestone: --- → 2.2
|
Assignee | |
Comment 2•22 years ago
|
||
taking, raising priority
|
|
Assignee | |
Comment 3•22 years ago
|
||
Stephane, Charles, today I said in our meeting, for fixing this bug we probably need a new error message, but I do no longer think so. We can use the same error message that is shown when there are no certs found at all, because that message includes the information to check for valid recipient certs.
|
||
Comment 4•22 years ago
|
||
changed to ADT1 as this is a security hole.
Severity: normal → major
Whiteboard: [adt2 rtm] → [adt1 rtm]
Version: unspecified → 2.3
|
|
Assignee | |
Comment 5•22 years ago
|
||
|
||
Comment 6•22 years ago
|
||
Comment on attachment 86793 [details] [diff] [review] Suggested Fix r=javi
Attachment #86793 -
Flags: review+
|
||
Comment 7•22 years ago
|
||
Other than manually editing the cert, how does one get into this situation? Is there any way that an attacker can cause this situation remotely? This looks like a good patch to take since the code used to only require the existence of the cert and now requires it to also be a good cert.
|
|
Assignee | |
Comment 8•22 years ago
|
||
> Other than manually editing the cert, how does one get into this situation?
A certificate can become invalid if it expires or if it gets revoked, and the
deployment uses "Certificate Revocation Lists". The application should not allow
to use revoked certificates.
I recommend to take the patch for the branch.
|
||
Comment 9•22 years ago
|
||
Comment on attachment 86793 [details] [diff] [review] Suggested Fix sr=mscott
Attachment #86793 -
Flags: superreview+
|
|
Assignee | |
Updated•22 years ago
|
Keywords: mozilla1.0.1
|
|
||
Comment 11•22 years ago
|
||
Checked into trunk
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
|
|
||
Comment 12•22 years ago
|
||
Verified on 20020614 Trunk Builds. Mark fixed1.0.1 when on the branch. Also, when will the counterpart to this fix, bug 136445 be in? Currently, If the CA is not in the trusted list, a user cert will not verify and will not therefore get added to the other people's tab. I'll add further comments to bug 136445.
Status: RESOLVED → VERIFIED
|
||
Comment 13•22 years ago
|
||
adt1.0.1+ (on ADT's behalf) approavl for checkin to the 1.0 branch, pending Drivers' approval. pls check this in asap, then add the "fixed1.0.1" keyword.
Keywords: approval
Whiteboard: [adt1 rtm] → [adt1 rtm] [ETA 06/18]
|
||
Updated•22 years ago
|
|
||
Updated•22 years ago
|
Attachment #86793 -
Flags: approval+
|
|
||
Comment 14•22 years ago
|
||
please checkin to the 1.0.1 branch. once there, remove the "mozilla1.0.1+" keyword and add the "fixed1.0.1" keyword.
Keywords: mozilla1.0.1 → mozilla1.0.1+
|
|
||
Comment 16•22 years ago
|
||
Verified on the 20020620 branch builds.
Keywords: fixed1.0.1 → verified1.0.1
You need to log in
before you can comment on or make changes to this bug.
Description
•