Closed Bug 956490 Opened 10 years ago Closed 7 years ago

No way of setting the encryption and hash algorithms

Categories

(MailNews Core :: Security: S/MIME, defect)

Product:
MailNews Core
Component:
Security: S/MIME
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 222179

People

(Reporter: cristian.baboi, Unassigned)

Details

User Agent: Opera/9.80 (Windows NT 6.1; Win64; x64) Presto/2.12.388 Version/12.16

Steps to reproduce:

1. configure thunderbird for smime encryption&signing
2. create a new e-mail with sign&encrypt
3. send the e-mail


Actual results:

The e-mail was sent with 3DES encryption. I don't know the hash algorithm used.


Expected results:

The ui should have allowed me to set and view the algorithms used for signing & encryption.
Severity: normal → critical
Hardware: x86 → x86_64
Component: Security → Security: PSM
Product: Thunderbird → Core
Version: 24 → unspecified
Component: Security: PSM → Security: S/MIME
Product: Core → MailNews Core
Hello together,

I found a similar bug post here https://bugzilla.mozilla.org/show_bug.cgi?id=222179, where someone already seemingly developed a patch, but it was never integrated in Thunderbird. Essentially it should be a dropdown menu in the S/MIME options in the mail accont configuration to select the general hash algorithm and encryption algorithm for S/MIME messages in general for example as posted here https://bug222179.bmoattachments.org/attachment.cgi?id=8361739

I've developed a great interest in cryptography in the last months, it truly would be very useful. As I know Thunderbird can open and reply to AES128, AES192, AES256 and even AES512 messages, and also handle the SHA2 family for signing.

It's just a matter of personal freedom for the user, so that he/she can select the preferred algorithms for themselves.
I have found no way to change the seemingly hard coded 3DES 168bit encryption algorithm in Thunderbird at all.

Outlook give me the opportunity to choose my algorithms on my own. Since Windows XP is no longer supported anyway, stronger algorithms would be absolutely appreciated, such as SHA256/AES256 or SHA256/AES192. And computing power is no reason at all, although all new processors have built in AES acceleration

All major email applications and operating system support such algorithms now, as posted by GlobalSign here
https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

Thank you ever so much.

Kindest regards,
Robert Christian Strasser
> I found a similar bug post here https://bugzilla.mozilla.org/show_bug.cgi?id=222179, 

dupe?  (on the surface, seems like)
Flags: needinfo?(mkmelin+mozilla)
Yes.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Flags: needinfo?(mkmelin+mozilla)
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.