Bugzilla secure email should check if an S/MIME cert has expired or has been revoked or if the GPG/PGP key have been revoked and refuse to send encrypted emails.
We could check if an S/MIME cert had expired. But checking revocation would mean an extra outgoing HTTP request per email sent, which I strongly suspect will be unacceptable to the BMO admins, and AIUI there is no central repository of revocation information for GPG/PGP, so there's nowhere to check. Gerv
Status: NEW → RESOLVED
Last Resolved: 10 months ago
Depends on: 1413328
Resolution: --- → FIXED
The GnuPG part of this has been fixed; S/MIME expiration is still not considered.
You need to log in before you can comment on or make changes to this bug.