Please add support for S/MIME certificates with non-ASCII email addresses
Categories
(MailNews Core :: Security: S/MIME, enhancement)
Tracking
(Not tracked)
People
(Reporter: adriano.santoni, Unassigned)
Details
Actual results:
As of today, TB does not support a type of S/MIME certificates that is however expressly provided for by the Mozilla Root Store Policy [1], namely S/MIME certificates in which the owner's email address, in the SAN extension, is not found in an rfc822Mailbox element (as is usually the case) but in an SmtpUTF8Mailbox element. In the face of such a certificate, TB not only does not display the certificate details correctly (the email address is displayed as "not supported"), but is not even able to validate a correctly signed S/MIME email with such a certificate (presumably because of the first problem). It should also be kept in mind that such an email address can also contain non-ASCII characters.
[1] https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
Updated•15 days ago
|
Updated•15 days ago
|
Description
•