Closed Bug 1775628 Opened 7 months ago Closed 18 days ago

Show the signature date of an OpenPGP-signed email

Categories

(MailNews Core :: Security: OpenPGP, enhancement)

Product:
MailNews Core
Component:
Security: OpenPGP
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
110 Branch

People

(Reporter: KaiE, Assigned: KaiE)

Details

Attachments

(3 files, 1 obsolete file)

Bug 1775628 - Show the signature date of an OpenPGP-signed email. r=aleca
48 bytes, text/x-phabricator-request
Details | Review
no-date.png
46.86 KB, image/png
Details
sigdate.png
21.60 KB, image/png
Details

When receiving an email that is signed using OpenPGP, it would be interesting to be able to view the date when the signature was created.

I would like to find an initial implementation that could be added to 102, I found a string that we can reuse.

Attached image no-date.png

current implementation, no signature date shown

Attached image with-date.png (obsolete) —

signature date showing as implemented by initial patch revision

Alex, FYI, usually the time a signature was created matches the time the email was sent.
But it doesn't necessarily have to be that way.

One reason could be an attacker who's trying a replay attack - using an old signature from the past, and resending email with the same content, but with a current email date - trying to trick the recipient. (A statement that was true in the past, at original sender time, might no longer be true now.) I'm wondering if there are legit reasons for the dates to differ - maybe a delay in sending somewhere?

I would like to enable the user to view the signature date. I had needed it myself for debugging once.

Does it make sense to add it in the suggested way, see screenshot, or can you think of a better solution?
Another potential idea is to add a "view signature details" button, which could open a popup that shows the date, and potentially even more technical details.

In theory, we could decide to reject signatures as invalid, if the dates differ. But even in that scenario, the user might still want to see the signature date to understand the issue.

Flags: needinfo?(alessandro)

I would like to enable the user to view the signature date. I had needed it myself for debugging once.

I'm not an expert on this, but even your use case makes me think that this is a bit of an edge case scenario, therefore we don't need to always show this front and center and we can find a better way to show this data without adding extra info for an already pretty busy popup.

Another potential idea is to add a "view signature details" button, which could open a popup that shows the date, and potentially even more technical details.

I would suggest to add this info in the "view signature key" popup.

In theory, we could decide to reject signatures as invalid, if the dates differ. But even in that scenario, the user might still want to see the signature date to understand the issue.

This is more a security decision than UX, so I'll defer it to you, maybe in a dedicated bug, if you think it's worth exploring it.

Flags: needinfo?(alessandro)

(In reply to Alessandro Castellani [:aleca] from comment #5)

I would suggest to add this info in the "view signature key" popup.

That isn't the right place, because the "signature date" isn't a property of the "signature key"
Rather, it's a property of the message.

Here is another, simpler idea.
We could add it after the label that describes whether it's a "good digital signature" or something else.

Also, in the expected scenario where the signature date matches the message date, we could keep the date hidden.

Alex, I've quickly made an updated patch. I wonder if you think this is acceptable, because it's not requiring more space on screen, and no new strings?

Attachment #9298157 - Attachment is obsolete: true
Attached image sigdate.png

Maybe add a row before or after the Signer Key Id? I think it should say what that date is. With the above screenshot I wouldn't understand what the date represents. "Message signed: <date>"

(In reply to Magnus Melin [:mkmelin] from comment #10)

Maybe add a row before or after the Signer Key Id? I think it should say what that date is. With the above screenshot I wouldn't understand what the date represents. "Message signed: <date>"

That's what I had originally, but Alex didn't like the extra line. We have an updated suggestion from Alex in phab.

Attachment #9282436 - Attachment description: Bug 1775628 - Show the signature date of an OpenPGP-signed email. r=aleca → WIP: Bug 1775628 - Show the signature date of an OpenPGP-signed email.

I need to re-request review on the phab patch once Alex is back.

Flags: needinfo?(kaie)
Attachment #9282436 - Attachment description: WIP: Bug 1775628 - Show the signature date of an OpenPGP-signed email. → Bug 1775628 - Show the signature date of an OpenPGP-signed email. r=aleca
Flags: needinfo?(kaie)
Keywords: checkin-needed-tb
Target Milestone: --- → 110 Branch

Pushed by kaie@kuix.de:
https://hg.mozilla.org/comm-central/rev/3794574a97c8
Show the signature date of an OpenPGP-signed email. r=aleca

Status: NEW → RESOLVED
Closed: 18 days ago
Keywords: checkin-needed-tb
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.