199618 - Message Security Info shows encrypted signed and unsigned messages as unencrypted/unsigned if application/pkcs7-mime is embedded in a multipart/mixed container

Status: RESOLVED EXPIRED

(SeaMonkey :: MailNews: Message Display, defect)

Description

[Vladimír Solnický]

If I sent an encrypted and signed message (S/MIME) to yourself, the message is
successfully decrypted (requiring a certificate password), but the UI shows in
View/Message Security Info:

Message Has No Digital Signature
Message Not Encrypted

The same happen when someone else sends me en encrypted message. It does not
metter if the message is also signed or if it isn't. If I move the message from
IMAP to Local Folder, the situation is the same (buggy behaviour). 

This front-end bug may make user think that the message is not encrypted
although it is.

I reproduced it on Win XP but I think I saw this also on linux.

Comment 1

[Vladimír Solnický]

While tracking a different problem I found something that discribes the
situation when the bug mentioned above occures and can be reproduced:

It only seems to happen when ancrypted message of MIME type
application/x-pkcs7-mime or application/pkcs7-mime is inside of a MIME container
multipart/mixed (and maybe other multipart/* types). As our antiviral system
puts all messages with singlke part into such a container, I thought it is
regular in any situation (as it is in my environment). Mozilla is still much
better than outlook as outlook is not able toi decipher the message; mozilla
only does not show a security info properly.

I understand that it is not a common problem but as the change in MIME structure
 mentioned above is a valid chnage with no change of meaning in MIME definition,
it could be nice to have it repaired.

Thank you,

Vladimír

Comment 2

[Vladimír Solnický]

I changed to subject to follow the information mentioned in the comment #1. It
is proved now. I.e.

===========================
[...]
From: solnicky@vegacom.cz
Mime-Version: 1.0
Content-Type: application/x-pkcs7-mime

[encrypted data]
============================

is tagged well, but 

===========================
[...]
From: solnicky@vegacom.cz
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=abc

--abc
Content-Type: application/x-pkcs7-mime

[encrypted data]

--abc--
============================

is tagged as nor encrypted, not signed, although it is decoded successfully.

Comment 3

[Frank Wein [:mcsmurf]]

Probably related: Bug 159238

Comment 4

[Robert Kaiser]

MASS-CHANGE:
This bug report is registered in the SeaMonkey product, but has been without a comment since the inception of the SeaMonkey project. This means that it was logged against the old Mozilla suite and we cannot determine that it's still valid for the current SeaMonkey suite. Because of this, we are setting it to an UNCONFIRMED state.

If you can confirm that this report still applies to current SeaMonkey 2.x nightly builds, please set it back to the NEW state along with a comment on how you reproduced it on what Build ID, or if it's an enhancement request, why it's still worth implementing and in what way.
If you can confirm that the report doesn't apply to current SeaMonkey 2.x nightly builds, please set it to the appropriate RESOLVED state (WORKSFORME, INVALID, WONTFIX, or similar).
If no action happens within the next few months, we move this bug report to an EXPIRED state.

Query tag for this change: mass-UNCONFIRM-20090614

Comment 5

[Robert Kaiser]

MASS-CHANGE:
This bug report is registered in the SeaMonkey product, but still has no comment since the inception of the SeaMonkey project 5 years ago.

Because of this, we're resolving the bug as EXPIRED.

If you still can reproduce the bug on SeaMonkey 2 or otherwise think it's still valid, please REOPEN it and if it is a platform or toolkit issue, move it to the according component.

Query tag for this change: EXPIRED-20100420