Closed Bug 1673177 Opened 4 years ago Closed 6 months ago

Support S/MIME V4.0 as defined in RFC 8551

Categories

(MailNews Core :: Security: S/MIME, enhancement)

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 1847703

People

(Reporter: bz-WNf32v5gWPwr, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36

Steps to reproduce:

The Secure/Multipurpose Internet Mail Extensions (S/MIME) are used in Thunderbird (and other e-mail programs) to allow digital signing and/or (end-to-end) encryption of messages. Signing intends to guarantee that a message was sent by a certain X.509 certificate holder and that it was not tampered with. Encryption ensures confidentiality, so that only the intended recipients can read the (decrypted) content of a message.

Thunderbird mostly seems [1] to implement what is defined as (up to) Version 3.2 in RFC 5751 [2], which dates back to January 2010. That standard was superseded in April 2019 by RFC 8551 [3], which is called S/MIME Version 4.0.

A lot has changed in the nine years and S/MIME 4.0 includes modifications to several areas of the protocol(s). Most notably the cryptographic algorithms that SHOULD (or MUST) be supported were revised.

In 2018 the publication of EFAIL [4] identified several issues in specific implementations and in the standards themselves (both for S/MIME and PGP) that may compromise the confidentiality of an encrypted message.

The root cause of the S/MIME vulnerability is that a symmetric block cipher (either 3DES or AES-CBC) is used which does not prevent or detect modifications to the cipher text. To mitigate the issue S/MIME 4.0 specifies the usage of authenticated content encryption algorithms: AES-GCM (MUST) and ChaCha20-Poly1305 (SHOULD+).

In some parts the standard deprecates or even removes protocols (usually because they are insecure), which might affect backwards compatibility. This may present a challenge regarding the "full implementation" of RFC 8551.

On a positive note it seems that most/all (?) new cryptographic algorithms (e.g. AES-GCM, ChaCha20-Poly1305) are actually already in the shared Mozilla gecko-dev code base. So the main work would be to interface with the existing libraries from the (extended) S/MIME code parts.

Thunderbird, being one of the few (or the only?!) open source cross-platform desktop e-mail clients of relevance, should take a lead on implementing more secure standards like S/MIME 4.0.

[1] https://github.com/mozilla/gecko-dev/blob/master/security/nss/lib/smime/smimeutil.c#L109
[2] https://tools.ietf.org/html/rfc5751
[3] https://tools.ietf.org/html/rfc8551 (April 2019)
[4] https://en.wikipedia.org/wiki/EFAIL
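
Added example, not part of the original report and not NSS or Thunderbird code: a Go standard-library sketch of the difference the report describes between unauthenticated AES-CBC and authenticated AES-GCM when one ciphertext bit changes in transit. The key, IV, nonce and message are constructed sample values, and the function names are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// Constructed sample values for illustration only (not from any real mail).
var (
	key   = []byte("0123456789abcdef")                 // 16 bytes, AES-128
	iv    = []byte("constructed-iv16")                 // 16-byte CBC IV
	nonce = []byte("nonce-12byte")                     // 12-byte GCM nonce
	msg   = []byte("Meeting moved to 10:00, room B12") // 32 bytes, 2 blocks
)

// cbcTamper encrypts msg with AES-CBC, flips one ciphertext bit and decrypts.
// CBC carries no integrity check, so decryption cannot report the change.
func cbcTamper() []byte {
	block, _ := aes.NewCipher(key)
	ct := make([]byte, len(msg))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, msg)
	ct[0] ^= 0x01 // simulated modification in transit
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	return pt
}

// gcmTamper repeats the experiment with AES-GCM. Open verifies the
// authentication tag before releasing any plaintext.
func gcmTamper() ([]byte, error) {
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	ct := aead.Seal(nil, nonce, msg, nil)
	ct[0] ^= 0x01 // same simulated modification
	return aead.Open(nil, nonce, ct, nil)
}

func main() {
	pt := cbcTamper()
	fmt.Printf("CBC: no error, plaintext unchanged = %v\n", bytes.Equal(pt, msg))
	fmt.Printf("CBC: second block now reads %q\n", pt[16:])
	_, err := gcmTamper()
	fmt.Printf("GCM: %v\n", err)
}
```

With CBC the first block decrypts to garbage and the same bit is flipped in the second block, all without any error; with GCM the receiver gets an authentication failure and no plaintext.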

Component: Security → Security: S/MIME
Product: Thunderbird → MailNews Core
Status: UNCONFIRMED → RESOLVED
Closed: 6 months ago
Duplicate of bug: smime-2023
Resolution: --- → DUPLICATE