Disble insecure 3DES encryption in thunderbird SMIME

RESOLVED DUPLICATE of bug 1167857

Status

RESOLVED DUPLICATE of bug 1167857
2 years ago
2 years ago

People

(Reporter: mozilla, Unassigned)

Tracking

45 Branch

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

2 years ago
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:53.0) Gecko/20100101 Firefox/53.0
Build ID: 20170509210144

Steps to reproduce:

I sent an email to myself, encrypted with an SMIME certificate.



Actual results:

The selected encryption for my email was 3DES which is broken.

On https://lapo.it/asn1js/ you can paste the encrypted email text and see the decrypted details (  for example https://mcaf.ee/fnt3kr )

There you find the string

    OBJECT IDENTIFIER1.2.840.113549.3.7des-EDE3-CBC

which shows that 3DES is used.






Expected results:

A secure encryption like aes, camelia, aria or  chacha20 shouldh have been selected to encrypt my mail body.
(Reporter)

Updated

2 years ago
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1167857
You need to log in before you can comment on or make changes to this bug.