Open Bug 327493 Opened 19 years ago Updated 1 year ago

Support time-stamp protocol (TSP) as per RFC3161

Categories

(Thunderbird :: Security, enhancement)

Tracking

(Not tracked)

UNCONFIRMED

People

(Reporter: hauser, Unassigned)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1

PKCS#7 data structures are used to create detached S/MIME signatures (multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1;). PKCS#7 also contains a section "unsigned attributes" where a signed RFC 3161 timestamp token (e.g. in Java use org.bouncycastle.asn1.tsp.TSTInfo) could be added.

Reproducible: Always

Actual Results:
Currently such information most likely is simply ignored; possibly, worse, it might prevent the signature from validating.

Expected Results:
Besides the signature icon, if a TSP token is also present, a second icon should be shown (clock + stamp? or notary?) and when clicking on this, the certified time plus the certifier's x509 certificate should be shown (e.g. an EPM service as per http://www.upu.int). Jeroen's https://addons.mozilla.org/extensions/moreinfo.php?id=306&application=thunderbird extension is a good first step, but it doesn't allow for third party notarization.
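The description above places the RFC 3161 token in the PKCS#7 "unsigned attributes". As an added example (not part of the bug report and not Thunderbird code), this DER walker returns the tokens a detached signature carries in SignerInfo.unsignedAttrs under id-aa-timeStampToken (RFC 3161, Appendix A). All function names are hypothetical, and `sample_signed_data` builds a constructed skeleton with placeholder values.

```python
OID_SIGNED_DATA = bytes.fromhex("2a864886f70d010702")          # 1.2.840.113549.1.7.2
OID_TIMESTAMP_TOKEN = bytes.fromhex("2a864886f70d010910020e")  # 1.2.840.113549.1.9.16.2.14

def children(content):
    """Yield (tag, content) per DER element; rejects BER indefinite length and truncation."""
    pos = 0
    while pos < len(content):
        if pos + 2 > len(content) or content[pos + 1] == 0x80:
            raise ValueError("truncated header or BER indefinite length")
        tag, length, pos = content[pos], content[pos + 1], pos + 2
        if length & 0x80:                    # long form: next n bytes hold the length
            n = length & 0x7F
            length, pos = int.from_bytes(content[pos:pos + n], "big"), pos + n
        if pos + length > len(content):
            raise ValueError("truncated DER element")
        yield tag, content[pos:pos + length]
        pos += length

def timestamp_tokens(content_info):
    """DER of each timestamp token held in any SignerInfo's unsignedAttrs."""
    ((_, body),) = children(content_info)            # outer ContentInfo SEQUENCE
    (_, ctype), (_, wrapped) = children(body)        # contentType, [0] EXPLICIT content
    if ctype != OID_SIGNED_DATA:
        raise ValueError("not a SignedData ContentInfo")
    ((_, signed_data),) = children(wrapped)
    tokens = []
    for _, signer in children(list(children(signed_data))[-1][1]):   # signerInfos is last
        for tag, attrs in children(signer):
            if tag == 0xA1:                          # unsignedAttrs is [1] IMPLICIT
                for _, attr in children(attrs):      # Attribute ::= SEQUENCE {type, SET}
                    (_, oid), (_, values) = children(attr)
                    if oid == OID_TIMESTAMP_TOKEN:
                        tokens.append(values)
    return tokens

def tlv(tag, *parts):                        # DER encoder, used only to build the sample
    body = b"".join(parts)
    n, size = len(body), (len(body).bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def sample_signed_data(with_token):          # constructed skeleton; signature bytes are zeros
    alg = tlv(0x30, tlv(0x06, bytes.fromhex("2b0e03021a")))               # sha1
    data = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010701")))      # id-data, detached
    token = tlv(0x30, tlv(0x06, OID_SIGNED_DATA), tlv(0xA0, tlv(0x30)))   # stand-in token
    attrs = tlv(0xA1, tlv(0x30, tlv(0x06, OID_TIMESTAMP_TOKEN), tlv(0x31, token)))
    signer = tlv(0x30, tlv(0x02, b"\x03"), tlv(0x80, b"constructed-key-id"), alg, alg,
                 tlv(0x04, bytes(128)), attrs if with_token else b"")
    signed = tlv(0x30, tlv(0x02, b"\x03"), tlv(0x31, alg), data, tlv(0x31, signer))
    return tlv(0x30, tlv(0x06, OID_SIGNED_DATA), tlv(0xA0, signed))
```

Finding the attribute only locates the token; validating the time-stamping authority's signature and comparing the token's message imprint with the hash of the SignerInfo signature value is a separate step.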
Today, a multipart/signed; protocol="application/pkcs7-signature" consists of 2 parts, the content and the detached signature. Possibly, a third part should be added: _int.upu.www.EPMService.schemas.ReceiptType, which is a more elaborate statement by the time-certifier. This could be a third MIME body part and might need a third button to view/validate.
Assignee: dveditz → nobody
Severity: normal → S3