Open Bug 1272904 Opened 9 years ago Updated 2 years ago

Failure to send encrypted-only S/MIME message when lacking a valid personal certificate

Categories

(MailNews Core :: Security: S/MIME, defect)

Product:
MailNews Core
Component:
Security: S/MIME
Platform:
x86_64
Linux
Type:
defect

Tracking

(Not tracked)

People

(Reporter: typewriter.typogeek, Unassigned)

References

Details

In Iceweasel 38.8 (thus, most probably also in Thunderbird 38 and below), a non-existent or existing expired personal S/MIME cert will prevent using availible certs from communication partner for sending them S/MIME-encrypted mails and instead give a warning about no certificate was found for the recipient (although it's availible in the security info tab). After having deleted the expired certs for the sending mail account, leaving no cert configured for the sending account, will trigger the message popup for the true cause of the initial encryption failure: Thunderbird/Iceweasel insists on specifying a certificate for the sending account first. As for sending out ciphered mails with asymetric encryption is not supposed to require one to have an own cert - only signing mails does - this behaviour is most undesirable. Enigmail/PGP handles this correctly.
See Also: → 1209803
See Also: 1209803
See Also: → 1209803
Severity: major → normal
Status: UNCONFIRMED → NEW
Component: Security → Security: S/MIME
Ever confirmed: true
Product: Thunderbird → MailNews Core
Summary: Expired/non-existent personal S/MIME Cert prevents S/MIME encryption → Failure to send encrypted-only S/MIME message when lacking a valid personal certificate
Version: 38 Branch → 38
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.