203824 - S/MIME certificates in signature do not import

Status: RESOLVED WORKSFORME

(MailNews Core :: Security: S/MIME, defect)

Description

[James Rome]

For the Win2k 2003042804 build, I get a signed e-mail sent from either Outlook
or Mozilla. In boith cases, there seems no way to import the person's public key
into my "others" key store. I can view the signature (which is valid), but that
is all. Previously, this was imported automatically.

There is nothing registered to handle
application/x-pkcs7-signature

Here is an address-changed copy of the mail contents:
Return-path: <sender@a.gov>
Received: from emroute1.mail.gov (emroute1.mail.gov [ip addr])
by Receiver.a.GOV (PMDF V6.2 #30670)
with ESMTP id <01KV5IMD1VAS8X1S3D@receiver.a.GOV> for me@a.GOV
(ORCPT me@a.gov); Fri, 25 Apr 2003 17:42:34 -0400 (EDT)
Received: from emroute1.mail.a.gov (localhost [127.0.0.1])
by emroute1.mail.gov (PMDF V6.2 #30669)
with ESMTP id <0HDX001065MWX7@emroute1.mail.a.gov> for me@fa.gov
(ORCPT me@a.gov); Fri, 25 Apr 2003 17:42:34 -0400 (EDT)
Received: from senderpc (senderpc.a.gov [ip address)
by emroute1.mail.a.gov (PMDF V6.2 #30669)
with SMTP id <0HDX00MDY5MVS2@emroute1.mail.a.gov> for me@a.gov
(ORCPT me@a.gov); Fri, 25 Apr 2003 17:42:31 -0400 (EDT)
Date: Fri, 25 Apr 2003 17:42:27 -0400
From: sender@a.gov>
Subject: Re: Enctryption Key
To: me@a.gov>
Reply-to: sender@a.gov>
Message-id: <001201c30b73$93491250$c309db80@a.gov>
Organization: My Company
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
Content-type: multipart/signed;
boundary="----=_NextPart_000_000E_01C30B52.0C15E090"; micalg=SHA1;
protocol="application/x-pkcs7-signature"
X-Priority: 3
X-MSMail-priority: Normal
References: <3EA930AC.30204@a.gov> <002301c30b2e$b7be0270$c309db80@a.gov>
<3EA93D51.3010106@a.gov> <007601c30b55$dff50b90$c309db80@a.gov>
<3EA97D62.9090306@a.gov> <009601c30b58$1691b020$c309db80@a.gov>
<3EA98685.4070602@a.gov> <00c201c30b63$43298c10$c309db80@a.gov>
<3EA99A6C.2090309@a.gov> <010901c30b6a$7cb9dbe0$c309db80@a.gov>
<3EA9AB0A.8020503@a.gov>
Original-recipient: rfc822;me@a.gov

This is a multi-part message in MIME format.

------=_NextPart_000_000E_01C30B52.0C15E090
Content-Type: text/plain;
    charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Hi, this is signed.

------=_NextPart_000_000E_01C30B52.0C15E090
Content-Type: application/x-pkcs7-signature;
    name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
    filename="smime.p7s"

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIPpzCCA60w
ggMWoAMCAQICBDyGbZ8wDQYJKoZIhvcNAQEFBQAwbjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1Uu
Uy4gR292ZXJubWVudDEdMBsGA1UECxMURGVwYXJ0bWVudCBvZiBFbmVyZ3kxJjAkBgNVBAsTHU9h
ayBSaWRnZSBOYXRpb25hbCBMYWJvcmF0b3J5MB4XDTAyMDMwNjE4NTcyOFoXDTIyMDMwNjE5Mjcy
OFowbjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEdMBsGA1UECxMURGVw
.....
k7OtvjyeMAeHi47gAPr54tT2qxa8eAks7qd60xLFpv9+wqXIqiUjYoh3x8QIhM78MLTkPUd9NQUA
AAAAAAA=

------=_NextPart_000_000E_01C30B52.0C15E090--

Comment 1

[Nelson Bolyard (seldom reads bugmail)]

Hi James,

mozilla now imports encryption certs automatically, but does not import 
signing-only certs.  Perhaps the cert that wasn't imported was a signing-only
cert, e.g. a cert whose extensions says it is valid only for signatures?

Comment 2

[James Rome]

I hope it asks before importing if there is already a certificate from that
person. Otherwise someone could poison your certificate store by sending
messages signed with bogus certificates.

I have not tried s/mime in a while though....

Comment 3

[John G. Myers]

Reporter, please attach the full message so we can eliminate the possibility
that the certs were signing only.

Comment 4

[James Rome]

I no longer have the original, but am trying to recreate the event.

Comment 5

[John G. Myers]

Mass reassign ssaux bugs to nobody