Closed Bug 431660 Opened 17 years ago Closed 17 years ago

Duplicate certificate sent

Categories

(MailNews Core :: Security: S/MIME, defect)

Product:
MailNews Core
Component:
Security: S/MIME
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 354273

People

(Reporter: mozilla-bugs, Assigned: KaiE)

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20070530 Firefox/1.0.4 (Debian package 1.0.4-2sarge17) Build Identifier: Thunderbird 2.0.0.12 (Windows/2008021305) When sending a signed message the certificate for siogning and encryption is sent. If both are the same, the resulting messag has a duplicate. This of course wastes bandwith and storage :-). Reproducible: Always Steps to Reproduce: 1. Sign a message (use same certificate in encryption) 2. On receiving end, save the raw message 3. Use openssl to verify: openssl smime -pk7out -in email_certs.txt | openssl pkcs7 -print_certs Actual Results: The same certificate twice Expected Results: Just one :-). If you clear the encryption certificate it is indeed sent once. The disadvantage is that encryption is not possible anymore...
Please forward to me, as an attachment, a signed email message that has the same certificate in it twice. Thanks.
Or, if you can send an email to me that is signed, whose signature contains the same cert twice, please do so.
Component: General → Security
QA Contact: general → thunderbird
Known issue. Bug 354273 comment 2 has a fix for this (attachment 295619 [details] [diff] [review]).
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows XP → All
Hardware: PC → All
This bug is probably a duplicate of bug 354273 (which I had not seen before). Henk, if you will send me a message as I requested in comment 1 and comment 2 above, I can determine if it is really a duplicate or not.
Assignee: nobody → kaie
Component: Security → Security: S/MIME
Product: Thunderbird → Core
QA Contact: thunderbird → s.mime
I had searched if the issue was known, but failed to find this one :(. The problem is identical, but in my case the root certificate is not send. Probably because it is in the "Software Security Device". Although it should not be a problem to send the root certificate, this is not done in most cases. The root certificate should be present on the receiving end or they should explicatly import it. If you build a chain for say a webserver you don't include the root certificate either. At least that is what I see in many manuals... I've send a testmail as requested. But I think we can close this one as a duplicate.
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
icedove? Henk, You're using Icedove, not Thunderbird. Icedove is Debian's modified version of Thunderbird. Considering the liberties that Debian takes with the sources of some of the products it delivers [1], I'd say there's some chance that you will experience issues with Icedove that are not also present in Thunderbird. Please submit Icedove bugs to Debian, and Thunderbird bugs to Mozilla. [1]: witness: http://metasploit.com/users/hdm/tools/debian-openssl/
I think if he tests the bug is present in an unmodified version of thunderbird, too, it should be fine to report it here. But that's an important test, so we make sure we don't work on bugs that are pure Icedove bugs.
I know that Debian sometimes has local issues and if that is the case I report it of course there. You can find my name in the Debian bugtraq as well :-). In this case I discovered the bug in the Windows version of Thunderbird -- when I was writing an article about certificates for a Dutch computermagazine -- and that one was downloaded from the Mozilla website. So it is not a Debian issue I think. My main operating system is Linux (Debian to be more specific) however and that is why you got an test e-mail with Icedove. Sorry for the confusion. If you want I can reconfigure the Windows Thunderbird client again and send a test mail to you from that version. However the result will be the same, unless I realy screwed up :-).
Just to be absolutly sure I just send you another test mail from Windows: User-Agent: Thunderbird 2.0.0.14 (Windows/20080421) I've tested the sent message and it does show the duplicate certificate.
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.