User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021130 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021130 If user A sends a SMIME-encypted email to user B containing a binary file, this works. If user B decides to forward this email to user C also using SMIME-encryption the email reaches C in the encrypted form and C can decrypt it. The attachment is still there, but it is base-64-encoded twice! It is a normal MIME-attachment (with header and base-64-encoded content), and after decoding the base-64-content the result again is base-64-encoded (but there is no MIME-header). So when forwarding the email, each base-64-encoded attachment seems to be base-64-encoded again. This does not happen if I send each email unencrypted (= no SMIME). Reproducible: Always Steps to Reproduce: 1.Create an email to yourself. The email should include a binary attachment. 2.Select "SMIME-encryption" for the email and send it. 3.If you received the email forward it again to your own account. 4. Save the attachment. The file is the base-64-encoded form of the originally attached file... Actual Results: The file is the base-64-encoded form of the originally attached file... Expected Results: The file should be the exactly the originally attached file.
no security hole = not security general
This should be fixed in versions later than 1.2.x, please try out Mozilla 1.3 alpha or a recent nightly build - in the hope you don't run into other trouble, we are researching some other bugs in the security database currently. If you try out a nightly trunk build of Mozilla, please make sure you have a backup of your profile before trying. *** This bug has been marked as a duplicate of 179082 ***