Closed Bug 312334 Opened 19 years ago Closed 15 years ago

No way to import certificate from signature.

Categories

(Thunderbird :: Security, defect)

Product:
Thunderbird
Component:
Security
Platform:
x86
All
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: thunderbird-bugzilla.5.n1, Assigned: dveditz)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Firefox/1.0.7 (Debian package 1.0.7-1)
Build Identifier: 

Currently, there is no way to import a S/MIME certificate from a S/MIME signed
mail, like other mailers allow to do. This would allow the reciever of a signed
(and possibly already encrypted) message from an unknown recipient to reply in
an encrypted manner. Currently there is no easy way to do it.

The certificate is, however, viewable through "View Signature Certificate". A
simple "Import" or "Save As" button in that dialog would solve the problem. The
only workaround is asking the sender of the original message to send his public
key in another mail, which greatly reduces S/MIME usefulness.

Reproducible: Always

Steps to Reproduce:
OS: Linux → All
I have is an import button in the "View Signature Certificate" dialog... Have
you tried thunderbird 1.5b2?

Using Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8b5) Gecko/20051012
Thunderbird/1.4.1 ID:2005101205
Unless I am incorrectly informed, the digital signature contains the public certificate of the sender. This public certificate can then be perfectly used to send encrypted email to that person.

What the submitter asked for --and I vote for that too-- is that there is some way that TB lets the user import that public certificate. Viewing the certificate's details is something different and will not allow for *using* the certificate for signature verifications and email encryption.
If there ever was an import button, it has disappeared again   :(
http://kb.mozillazine.org/Installing_an_SMIME_certificate suggests that under certain conditions, the certs are automatically imported.
If not, TB unfortunately refuses to tell why :(

see also Bug 413490
(In reply to comment #0)
> The certificate is, however, viewable through "View Signature Certificate". A
> simple "Import" or "Save As" button in that dialog would solve the problem. 

There is such a button now.  

Also, if you send me a signed email, I'll be able to reply to you with an encrypted email *if* that cert is set to be an encryption cert as well as a signing cert, -or- if you sent along your encryption cert.  In other words, it works the way you want if your cert(s) are set up correctly.

As Ralf says, there may be no good indication of what's wrong with the cert that would prevent it from doing the right thing.  

Closing this bug for now, but feel free to re-open it or to file bugs that talk about specific error cases.
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.