Closed Bug 312615 Opened 19 years ago Closed 18 years ago

Digitally signed emails (S/MIME) are displayed as "content might have been modified/invalid signature" at recipients

Categories

(Thunderbird :: General, defect)

Product:
Thunderbird
Component:
General
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: n+thunderbird, Assigned: mscott)

References

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7

Whenever I send a digitally signed email (S/MIME with Thawte Freemail key) the
recipient recieves an email, that has an invalid signature (contents might have
been modified). If I try to use the same key from a different machine it works.
I have also tried to uninstall thunderbird, remove the %USERPROFILE%\Application
Data\Thunderbird folder and reinstall thunderbird, reimport the key and sign
email, but to no avail - the problem persists. Is there anything more I can do
to make it work? (The signing works ok on the same machine if I use Outlook for
example).

Reproducible: Always

Steps to Reproduce:
1. Create new email
2. Send the mail...
3.

Actual Results:  
The mail is signed, but signature is invalid (the certificate is valid though)

Expected Results:  
The signature should have been valid.
*** Bug 312617 has been marked as a duplicate of this bug. ***
*** Bug 312617 has been marked as a duplicate of this bug. ***
Does it make any differece for you to sign-only v.s. sign+encrypt? I am tracking similar bug right now. It is easier to focus on sign-only case in case both fail.
it did not at that time, the problem has dissapeared with setting the following:
tools->options->composition
The option: "For messages that contain 8-bit characters, use 'quoted printable' MIME encoding. Leave uncheckd to send the message as is." MUST be ticked.
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
interesting. The problem in SMIME signature I am tracking fits into this scenario. The by default the Content-Type is format=flowed which allows whitespaces at the end of lines. Quoted-printable usually does not. In the case I am tracking trailing spaces are stripped before the signed message is put into encryption envelope. 

So if the the message digest is calculated on the message with a trailing space, which is later removed, the message will fail to verify.    
the original reporter seems to have found a work-around rather than a fix?

see also bug 343568
You need to log in before you can comment on or make changes to this bug.