Allow signing newsgroup messages

NEW
Unassigned

Status

MailNews Core
Security: S/MIME
--
enhancement
16 years ago
8 years ago

People

(Reporter: kaie, Unassigned)

Tracking

({regression})

Other Branch
Future
regression

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [psm-smime])

(Reporter)

Description

16 years ago
The account manager for mail/news should show the security panel for newsgroup
maessages, too.

It should be possible to configure signing prefs, but not encryption prefs.

Updated

16 years ago
QA Contact: alam → carosendahl

Comment 1

16 years ago
This is missing functionality that currently exists in 4.x clients.  

Updated

16 years ago
Keywords: regression

Comment 2

16 years ago
Also, the doco shows a "Security" item for Newsgroup servers, too, which is
misleading. My 1.0RC2 doesn't have it, which is interesting.

However, if I write a message which goes both to a regular email recipient *and*
to a newsgroup, then it will be sent signed to both and show up fine on the
newsgroup.

This workaround does not work if I start from the newsgroup, like trying to
respond to a posted message.
Keywords: 4xp

Comment 3

16 years ago
*** Bug 146654 has been marked as a duplicate of this bug. ***

Comment 4

16 years ago
Body of 146654:
I set up my main email account to digitally sign messages, mostly to provide
some extra testing of dogfood.  When I compose an email message, I can disable
the signature on a per-message basis. However, I don't have that option for
newsgroup messages.  I'm not sure why we don't have a separate Security tab for
newsgroup accounts, since I don't really need to sign them, and other newsgroup
users complain that it makes them too large.



------- Additional Comment #1 From Mitchell Stoltz 2002-05-24 12:42 -------

-> PSM S/MIME. I agree that options for Mail and News should be separated in
this case.



------- Additional Comment #2 From Charles Rosendahl 2002-05-30 16:52 -------

Not sure what you mean.  Signing news messages is not officially supported in 7.0

There are two bugs that relate to what I believe you are referring to.  
One:  Switching sender should set security settings accordingly within the
composition window.  
Two:  Signing of newsgroup messages is not supported.

Currently if you enter through the email account and change the recipient type
to newsgroup, the settings are not changed.  If you enter through the newsgroup
account, the settings are not set and cannot be set unless you manually tweak
your prefs file.

marking this a duplicate of 134949 and incorporating these comments into that
bug for tracking purposes once we get around to implemeting this feature.

As an aside, I'm not sure if we should change the security settings when we
change the recipient type based on whether it is a news message or not.  Since
multiple news accounts may be configured, which news account would we set the
preferences to?  Tis better to enter through the news account directly.

Updated

16 years ago
Target Milestone: --- → Future
(Reporter)

Updated

16 years ago
Severity: normal → enhancement
(Reporter)

Updated

16 years ago
Keywords: nsbeta1
(Reporter)

Comment 5

16 years ago
We don't support sending signed messages, without specifying own's cert for
receiving encrypted messages. (Details in bug 115294, in short: Users expect to
be all set for sending encrypted messages by receiving a signed message and we
should break that general rule.)

As a consequence, even when preparing a signed newsgroup message, we must still
know which certificate the user wants to use for receiving encrypted messages.
Because we have that as a separate configuration option, we need to include the
encryption box for newsgroup accounts, too.

The only thing we can (and should) change in the newsgroup prefs UI: the "use
encryption" setting. I vote that we do not remove it from the UI, but force
selection of "never encrypt" and disable the "require encryption" in the UI.
Argument 1: The user will be aware that encryption for newsgroups is not
possible / supported. Argument 2: I heard there is a RFC how S/Mime newsgroup
encryption could work, and at some point in the future we might want to support
that.


So the work required to implement this bug is: Activate showing the tab and lock
the encryption setting to "never". Users will need to configure both
certificates for newsgroup accounts, too.
(Reporter)

Comment 6

16 years ago
I don't want to work on this before 160499 is done. I realize the logic to
enable/disable controls in the S/Mime prefs UI is not consistent with the
application behaviour. We should fix that before we make the enable/disable
logic more complex (for newsgroup settings).
Depends on: 160499

Comment 7

16 years ago
We should still allow users to include an encryption cert in a signed newsgroup
message.

There could be a checkbox that says: "include this encryption certificate in my
signed message".

Comment 8

16 years ago
Another reason for allowing the inclusion of the encryption cert:  replying back
directly to the sender rather than the news group containing the news posting
allows the opportunity to encrypt the reply.
(Reporter)

Comment 9

16 years ago
I'm confused.

I believe we already agree, but you seem to think we do not. I guess my comments
were unclear.

In my comments I wanted to say: "Yes, we need to require the user to configure
both".

Comment 10

16 years ago
No disagreement

Comment #5 is clear - I just wanted to add the basic reason why a sender's
encryption cert would be added to a newsgroup message in the first place.

As far as I can see we have - 
reply to newspgroup:  signing only, no encryption possiblie
reply all: siging only, no encryption possible (the list includes one or more
newsgroups)
reply to sender: encryption possible
forward:  encryption possible

These may be accessed via the menu bar, tool bar, and the right mouse button. 
One thing to look at would be default settings:  when replying to sender or
forwarding, we implicitly switch from the newsgroup to a mail account.
(Reporter)

Comment 11

16 years ago
Thanks for your comments.

I'd like to fix this bug together with other changes and have attached a
proposed patch to bug 115294.
Depends on: 115204
(Reporter)

Updated

16 years ago
Depends on: 115294
No longer depends on: 115204
(Reporter)

Comment 12

15 years ago
The strategy has changed, I no longer can fix this bug together with bug 115294.
They are again separate issues.
No longer depends on: 115294

Updated

13 years ago
Component: Security: S/MIME → Security: S/MIME
Product: PSM → Core
QA Contact: carosendahl → s.mime

Updated

9 years ago
Component: Security: S/MIME → Security: S/MIME
Product: Core → MailNews Core
(Reporter)

Updated

8 years ago
Assignee: kaie → nobody
Whiteboard: [psm-smime]
You need to log in before you can comment on or make changes to this bug.