Closed Bug 1674401 Opened 4 years ago Closed 4 years ago

Provide option to attach OpenPGP public key also in S/MIME mode

Categories

(Thunderbird :: Security, enhancement)

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: MoritzDuge, Unassigned)

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:82.0) Gecko/20100101 Firefox/82.0

Steps to reproduce:

Send an S/MIME signed message.

Actual results:

OpenPGP public key wasn't attached.

Expected results:

If OpenPGP is configured, please also attach the OpenPGP public key if the mail is signed/encrypted using S/MIME.
I know that the key can always be attached manually. But since there's no more "Attach my public key" option like it used to be in Enigmail, attaching the OpenPGP public key manually is too annoying for daily use.

Attaching the OpenPGP public key in S/MIME mode has multiple advantages:

The receiver gets both keys (S/MIME certificate and OpenPGP public key). So the receiver has the freedom to decide which encryption standard to use for replying.

Receiving an OpenPGP public key via an S/MIME-signed mail may help the recipient to gain basic trust in a newly received OpenPGP public key.

If the sender has only an S/MIME certificate of the recipient (no OpenPGP public key), using S/MIME is the only way of sending an encrypted message (and encryption which may be required).
But the sender may like to encourage the recipient to reply using OpenPGP. So it's helpful to send the OpenPGP public key in that S/MIME message.

Theoretically this feature could also be implemented the other way around. So the S/MIME certificate also gets attached in an OpenPGP message. But most S/MIME implementations don't expect the S/MIME certificate as a file attachment. Instead, S/MIME certificates are implicitly distributed in the signature. And additionally signing an OpenPGP/MIME message with S/MIME isn't easily possible - as far as I know.

Preceding ticket: https://bugzilla.mozilla.org/show_bug.cgi?id=1628097

Correction:
There's an "Attach my public key" option. But only if the encryption mode is being set to OpenPGP.
If the encryption mode is being changed to S/MIME, the "Attach my public key" option is being hidden and can't be used.

Also I'm a little confused about the OpenPGP public key attachment and the autocrypt header.
As far as I can see, in OpenPGP mode there's an autocrypt header (which should contain the public key - as far as I know) and the key is also being attached as a file.
In general I'm a great fan of a verbose key gossip. But the autocrypt header should be enough as default (the public key can be attached as a file manually if really needed).

I'm not sure if the autocrypt header may somehow conflict with the S/MIME standard. But if not, please understand the original message of this ticket as:
Please add an autocrypt header with the OpenPGP public key also in S/MIME mode.

Summary: attach OpenPGP public key also in S/MIME mode → Provide option to attach OpenPGP public key also in S/MIME mode

Generally I like software which is highly configurable.
But in this case I think an additional, configurable option isn't absolutely needed.

Instead a simple logic could be:
If OpenPGP is configured for an identity, send the public key (preferably via autocrypt header), even when writing a mail in S/MIME mode.
Additionally the "Attach my public key" option could also be displayed in S/MIME mode, but being disabled by default. (maybe rename the option to "Attach my public OpenPGP key" for clarification)

I also spent a little more thought on the "Attach my public key" option in OpenPGP mode.
I think because the autocrypt header is already there, the "Attach my public key" should simply not be enabled by default.
(at least in my Thunderbird "Attach my public key" is enabled by default and I couldn't figure out how to set the default to disabled)

(In reply to MD-Work from comment #1)

> I'm not sure if the autocrypt header may somehow conflict with the S/MIME standard. But if not, please understand the original message of this ticket as:
> Please add an autocrypt header with the OpenPGP public key also in S/MIME mode.

I think that would be bad. The S/MIME message could be 100% safe, but if the signature is in Autocrypt, that is totally insecure and not covered by the signing/encryption of S/MIME.

All in all, it's too confusing trying to mix the two technologies.

Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → WONTFIX
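
The coverage point raised in comment 3, as an added example (not part of the bug thread and not Thunderbird code): in a multipart/signed S/MIME message the signature is computed over the first body part only, so an Autocrypt header in the outer message headers lies outside it. The message, addresses, key data and signature blob below are constructed placeholders, and the function names are hypothetical.

```python
import hashlib
from email import message_from_bytes, policy

# Constructed sample message; key data and signature blob are placeholders.
RAW = (
    b"From: alice@example.org\r\n"
    b"Autocrypt: addr=alice@example.org; keydata=PLACEHOLDER-KEY-A\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/signed; protocol="application/pkcs7-signature";\r\n'
    b' micalg=sha-256; boundary="b1"\r\n'
    b"\r\n"
    b"--b1\r\n"
    b"Content-Type: text/plain; charset=us-ascii\r\n"
    b"\r\n"
    b"Hi Bob\r\n"
    b"--b1\r\n"
    b"Content-Type: application/pkcs7-signature; name=smime.p7s\r\n"
    b"\r\n"
    b"PLACEHOLDER-SIGNATURE\r\n"
    b"--b1--\r\n"
)
# Same message with only the Autocrypt key data changed.
ALTERED = RAW.replace(b"PLACEHOLDER-KEY-A", b"PLACEHOLDER-KEY-B")


def signed_bytes(raw: bytes) -> bytes:
    """Return the first body part of a multipart/signed message, the only
    bytes a detached S/MIME signature is computed over (line endings and
    boundary padding are assumed to be already normalised)."""
    msg = message_from_bytes(raw, policy=policy.default)
    if msg.get_content_type() != "multipart/signed":
        raise ValueError("not a multipart/signed message")
    delim = b"\r\n--" + msg.get_boundary().encode()
    body = b"\r\n" + raw.split(b"\r\n\r\n", 1)[1]  # drop the outer headers
    return body.split(delim)[1][2:]  # first part, minus delimiter-line CRLF


def signed_digest(raw: bytes) -> str:
    """SHA-256 over the signed part, matching micalg=sha-256 above."""
    return hashlib.sha256(signed_bytes(raw)).hexdigest()


def covered_by_signature(raw: bytes, header: str) -> bool:
    """True if the named header occurs inside the signed body part."""
    inner = message_from_bytes(signed_bytes(raw), policy=policy.default)
    return inner.get(header) is not None
```

`signed_digest(RAW) == signed_digest(ALTERED)` holds while `covered_by_signature(RAW, "Autocrypt")` is false, so signature verification gives the same result for both messages.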

(In reply to Magnus Melin [:mkmelin] from comment #3)

> (In reply to MD-Work from comment #1)
>
> > I'm not sure if the autocrypt header may somehow conflict with the S/MIME standard. [...]
>
> [...]
> All in all, it's too confusing trying to mix the two technologies.

In this case simply giving a possibility to easily attach my own OpenPGP public key when writing an S/MIME mail would be great.

To clarify my scenario:
I have an S/MIME key as fallback to avoid totally unencrypted mails.
But I prefer OpenPGP.
And I like to communicate my OpenPGP public key to everyone I write a mail to, so they can consider replying to me via OpenPGP.

Understood - and you can, but it's unusual and complicated enough that I think requiring manual action for it is enough.

Forget about me mentioning the autocrypt header.

All I'm asking for is not to hide the "Attach My Public key" option in S/MIME mode. (which triggers a standard file attachment)
And instead of hiding the option, it might be helpful to rename it to "Attach My OpenPGP Public key".

This is simply what's always been possible using Enigmail.
Even when writing an S/MIME signed mail.
