Open Bug 1710624 Opened 5 years ago Updated 5 years ago

unwanted PGP-autosave messes up security settings and leads to mail text loss

Categories

(MailNews Core :: Security: OpenPGP, defect)

Product:
MailNews Core
Component:
Security: OpenPGP
Type:
defect

Tracking

(Not tracked)

Status:
UNCONFIRMED

People

(Reporter: eric_78, Unassigned)

References

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 OPR/76.0.4017.107

Steps to reproduce:

Use Case:
I own a S/MIME certificate and a pair of OpenPGP keys and installed those in Thunderbird.
Due to the fact, that only a minority of my mail contacts use digital signatures or encryption, I use the security settings just occasionally.

Software: Thunderbird 78.10.1 (64-Bit), Ubuntu 20.04.2 LTS (64-Bit)

Account Settings - Server Typ: IMAP Mail Server
Preferences - Composition - Auto Save every 5 minutes

End-to-End Encryption settings:

  • Do not enable encryption by default
  • Do not add my digital signature by default
  • Preferred encryption technology: Select automatically based on available keys or certificates

Reproducible example:
I start to write a new mail to a contact from whom I neither have a public certificate nor an OpenPGP key. The security settings are initially set to: Encryption technology: OpenPGP; Do Not Encrypt; Do Not Digitally Sign This Message, Do Not Attach My Public Key.
I write as subject: „Test“ and as mail text: "Start of writing the mail text at: 10:04 am. "
Then I'll wait a few minutes until the auto-save-function saves a draft into the IMAP-folder Drafts.
I continue and finish writing the mail text: "End of writing the mail text at 10:15 am."
Then I change the security settings to: Encryption technology: S/MIME. Do Not Encrypt; Digitally Sign This Message.
Finally I send the Message.

Actual results:

Result:
1.) The auto-saved draft is saved OpenPGP-encrypted, although the default setting for encryption is disabled.
2.) The mail is sent OpenPGP-encrypted and cannot be read by the recipient, although my intention was to digitally sign the mail with S/MIME only.
3.) The send mail text is only: "Start of writing the mail text at: 10:04 am. ", although the original text was: "Start of writing the mail text at: 10:04 am. End of writing the mail text at 10:15 am."
This shows that the last changes to the mail text, since the last autosave, has been lost.

Expected results:

Expected Results:
1.a) The content of a autosaved Draft regardless if unencrypted or not is most of the time older than the content of the message compose window. Because of that, only the content of the message compose window should be the reference for the message that is actually send, following the principle „what you see is what you get“.
1.b) If the default setting for encryption is disabled, drafts should not be encrypted.
2.) The mail should have been send unencrypted and digitally signend with S/MIME.
3.) The send mail text should have been: "Start of writing the mail text at: 10:04 am. End of writing the mail text at 10:15 am."

Component: Message Compose Window → Security: OpenPGP
Product: Thunderbird → MailNews Core
See Also: → 1697252
You need to log in before you can comment on or make changes to this bug.