Bad decisions regarding SMIME-Signatures and old signature algorithms
Categories
(MailNews Core :: Security: S/MIME, enhancement)
Tracking
(Not tracked)
People
(Reporter: nordmann, Unassigned)
Details
Thunderbird 115 does not support old signature algorithms like SHA-1 or MD5 and therefore declares E-Mails using old signature algorithms as invalid. In addition, it marks the SMIME-icon for that E-Mail with a red exclamation mark.
This confuses the average user when E-Mails switch from "valid" to "invalid" due to an updated Thunderbird.
While it is perfectly fine not to use SHA-1 or MD5 for creation of new signatures, it would be more user-friendly not to panic users when they receive E-Mails with SHA-1/MD5 signatures.
Maybe change the color of the exclamation mark from red to yellow or blue, with changed wording like this:
"Digital signature may be valid!
The signature was made with an old, deprecated, weak signature algorithm.
The signature seems valid, but may be forged!
Proceed with caution!"
This would also kind of be in line with RFC 8551 Appendix B, where handling of historic emails is discussed. See https://datatracker.ietf.org/doc/html/rfc8551#appendix-B
With regards
Christian
Updated•2 years ago