Closed
Bug 551248
Opened 15 years ago
Closed 15 years ago
Encrypt messages using a certificate that does not include an email address
Categories
(Thunderbird :: Security, enhancement)
Thunderbird
Security
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 189046
People
(Reporter: kathleen.a.wilson, Unassigned)
Details
The request is to update Thunderbird to allow users to encrypt a message using a certificate that does not include an email address.
Summary of current behavior:
- It is possible to send and receive digitally signed messages in Tbird
using certs without an email address;
- Tbird displays a clear message when a certificate, that does not contain an email address, is used to sign the message. Tbird complies with the general PKI principal (the cert info is dominating) and with the S/MIME standard;
- Tbird does not allow you to encrypt a message with a cert that does not contain an email address. It is possible to decrypt such a digitally signed and encrypted message sent from another email client.
For details, please see
https://bugzilla.mozilla.org/show_bug.cgi?id=431085#c5
|
Reporter | |
Updated•15 years ago
|
Summary: Encrypt email using a cert without an email address → Encrypt messages using a certificate that does not include an email address
|
||
Comment 1•15 years ago
|
||
Doesn't that defeat S/Mime ? Isn't there a RFC on the matter somewhere ?
|
|
Reporter | |
Comment 2•15 years ago
|
||
Section 3 from RFC 5750 (http://tools.ietf.org/html/rfc5750#section-3): ”End-entity certificates MAY contain an Internet mail address…”
…..”Receiving agents MUST recognize and accept certificates that contain no
email address.” ……”Receiving agents MUST check that the address in the From or
Sender header of a mail message matches an Internet mail address, if present,
in the signer's certificate, if mail addresses are present in the certificate.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•