Open Bug 1662403 Opened 4 years ago Updated 4 years ago

OpenPGP: Give feedback if an imported secret key lacks attributes and cannot be used as a personal key

Categories

(MailNews Core :: Security: OpenPGP, enhancement)

enhancement

Tracking

(Not tracked)

People

(Reporter: KaiE, Unassigned)

Details

On the e2ee list, Riedel reported:

Thunderbird allows the import of secret keys, even if the usage flags 0x02 and 0x04 are missing.
( https://tools.ietf.org/html/rfc4880#section-5.2.3.21 )

If these are missing, the key isn't shown in the key list in account settings, and cannot be selected as a personal key for the account.

This may be confusing to the user, because a key is apparently available, but isn't offered for using it.

It has been suggested that we shouldn't allow the import of such keys, but currently I don't agree. The secret might be required for decrypting information, and we cannot predict all scenarios in which the key might be useful.

It might be best to display additional information if keys cannot be used as a personal key, for example the key details view could explain that required attributes are missing and that the key cannot be used.

We'll have to find example keys, think about the various scenarios, and think about how to best present it in the UI.

Thanks for filing the bug!

As a clarification: I would also still allow importing such keys but:

a) give at least a warning (if not error) if the key is imported through the "Add key..." wizzard (and not the OpenPGP manager)

b) would not allow using /marking this key as a personal key

Particularly the currently displayed resulting message in the identity configuration dialog is misleading, if there is already an (unfit) personal key present: "Thunderbird doesn't have a personal OpenPGP key for riedel@teco.edu"

You need to log in before you can comment on or make changes to this bug.