User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:220.127.116.11) Gecko/20060111 Firefox/18.104.22.168 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:22.214.171.124) Gecko/20060111 Firefox/126.96.36.199 PKCS#7 data-structures are used to create detached smime signatures (multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1;) PKCS#7 also contains a section "unsigned attributes" where a signed RFC 3161 timestamp token (e.g. in java use org.bouncycastle.asn1.tsp.TSTInfo) could be added Reproducible: Always Actual Results: currently such information most likely is simply ignored, possibly it worse might prevent the signature from validating. Expected Results: besides the signature icon, if also a tsp token is present, a second icon should be shown (clock+stamp?or notary?) and when clicking on this, the certified time plus the certifiers x509 certificate should be shown (e.g. an EPM service as per http://www.upu.int). Jeroen's https://addons.mozilla.org/extensions/moreinfo.php?id=306&application=thunderbird extension is a good first step, but it doesn't allow for third party notarization.
today, a multipart/signed; protocol="application/pkcs7-signature" consists of 2 parts, the content and the detached signature. Possibly, a third part should be added: _int.upu.www.EPMService.schemas.ReceiptType that is a more elaborate statement by the time-certifier. This could be a third mime-bodypart and might need a third button to view/validate