Closed
Bug 1808118
Opened 2 years ago
Closed 2 years ago
Remove insecure encryption algorithms from S/MIME
Categories
(Thunderbird :: Security, enhancement)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1531735
People
(Reporter: marportugues, Unassigned)
Details
Steps to reproduce:
Send S/MIME signed e-mail message to my self.
Open the message with external P7M viewer.
The program displays my encryption preferences set by Thunderbird:
aes256
aes128
3des
rc2 128
rc2 64
des
rc2 40
Actual results:
Appears:
aes256
aes128
3des
rc2 128
rc2 64
des
rc2 40
Expected results:
It should only support:
aes256
and (optionally, activated in about:config for legacy compatibility where needed):
aes128
3des
The ciphers bellow must not be present to prevent downgrade attacks on S/MIME:
rc2 128
rc2 64
des
rc2 40
Updated•2 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Duplicate of bug: 1531735
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•