Open
Bug 598282
Opened 15 years ago
Updated 3 years ago
ESS: Security Labels (RFC2634 - 3)
Categories
(MailNews Core :: Security: S/MIME, enhancement)
MailNews Core
Security: S/MIME
Tracking
(Not tracked)
NEW
People
(Reporter: raphael.fairise.bugs, Unassigned)
References
()
Details
(Whiteboard: [patchlove][needs new assignee])
Attachments
(6 files)
|
12.45 KB,
patch
|
Details | Diff | Splinter Review | |
|
94.05 KB,
patch
|
clarkbw
:
review+
|
Details | Diff | Splinter Review |
|
2.22 KB,
patch
|
Details | Diff | Splinter Review | |
|
51.83 KB,
patch
|
Details | Diff | Splinter Review | |
|
2.92 KB,
text/xml
|
Details | |
|
5.22 KB,
text/xml
|
Details |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10
Build Identifier:
Here is a patch for comm-central which provides RFC 2634 S/MIME Security Labels for Thunderbird and Seamonkey.
A security label is a set of security information regarding the sensitivity of the content that is protected by S/MIME encapsulation.
A security label is a S/MIME signature attribute composed of:
* Security Policy Identifier
* Security Classification (optional)
* Privacy Mark (optional)
* Security Categories (optional)
The patch is split in 4 parts:
* patch-smime-security-labels-backend.diff (for comm-central)
* patch-smime-security-labels-ui.diff (for comm-central)
* patch-smime-security-labels-style.diff (for comm-central)
* patch-smime-security-labels-nss.diff (for mozilla-central)
(These patches have been updated with comm-central as of 2010/09/20)
Screenshots are available here (in Trustedbird 3.1 section):
http://adullact.net/plugins/mediawiki/wiki/milimail/index.php/Security_Labels
You can test this feature in Thunderbird 3.1 by downloading our test build called Trustedbird:
http://adullact.net/plugins/mediawiki/wiki/milimail/index.php/Trustedbird
Security policies should be installed as an XML file in a "securityLabel" directory in user's profile directory.
A security policy sample (securityLabelPolicy-sample.xml) and its XML schema (securityLabelPolicy-schema.xsd) are attached to this bug.
What needs to be watched/checked carefully:
* memory management in NSS: I'm not sure to have understood everything about
memory allocation/freeing with arena pools.
* functions to DER-encode/decode OID strings.
Ideas:
* Hide the menu item "S/MIME Security Label" when no XML profiles are installed.
Reproducible: Always
|
Reporter | |
Comment 1•15 years ago
|
||
|
|
Reporter | |
Comment 2•15 years ago
|
||
|
|
Reporter | |
Comment 3•15 years ago
|
||
|
|
Reporter | |
Comment 4•15 years ago
|
||
|
|
Reporter | |
Comment 5•15 years ago
|
||
|
|
Reporter | |
Comment 6•15 years ago
|
||
|
|
Reporter | |
Updated•15 years ago
|
Attachment #477083 -
Attachment mime type: application/octet-stream → text/xml
|
|
Reporter | |
Updated•15 years ago
|
Version: unspecified → Trunk
|
|
Reporter | |
Updated•15 years ago
|
Attachment #477078 -
Flags: review?(kaie)
|
|
Reporter | |
Updated•15 years ago
|
Attachment #477079 -
Flags: review?(clarkbw)
|
|
Reporter | |
Updated•15 years ago
|
Attachment #477081 -
Flags: review?(wtc)
|
||
Updated•15 years ago
|
Assignee: nobody → raphael.fairise.bugs
|
|
||
Updated•15 years ago
|
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
|
||
Comment 7•15 years ago
|
||
Comment on attachment 477079 [details] [diff] [review]
patch-smime-security-labels-ui.diff
(I feel like I did this once before but perhaps it got lost)
In general I'm wondering if you want more visible space to indicate when an email has a security label. i.e. Once you've applied the label it might make sense to show the applied labels in the compose area window somewhere. Similarly for the labels when displaying the message in the message header. Treating them more like tags.
Going by the screenshots, here a quick review of the ui labels
=Compose window=
Menu item label seems fine
=Settings=
You likely don't need the header for this dialog.
The Security Categories looks a little non-standard but understandable and perhaps even better than more of those chooser types. See a more standard type in "Preferences ... Composition -> (Keywords...)"
=Compose Info=
I would format the "Please note" section differently.
In HTML / ASCII:
<center><span style="color:HighlightText;background-color:Highlight;">(!) Note: Email subjects are never encrypted.</span></center>
=View and sort messages with the security classification column=
I might name that column "Security" instead of "Security Classification" just to be brief and take up less space. Column names don't have to be the exact meaning as they are just for reference.
=Message security info=
Looks fine.
Attachment #477079 -
Flags: review?(clarkbw) → review+
|
|
||
Comment 8•15 years ago
|
||
kaie review ping ?
|
||
Comment 9•13 years ago
|
||
Any news on this bug? Or it seems abandoned? Like Trustedbird at all? Thats bad :(
|
||
Comment 10•13 years ago
|
||
Comment on attachment 477078 [details] [diff] [review]
patch-smime-security-labels-backend.diff
sorry, I don't have time to review this
also any new feature would require automated tests
Attachment #477078 -
Flags: review?(kaie) → review?
|
||
Comment 11•13 years ago
|
||
Comment on attachment 477078 [details] [diff] [review]
patch-smime-security-labels-backend.diff
Clearing review request completely, if Raphaël or someone is willing to pick this up and update the patch as well as provide unit tests, then we can try and find someone to review it.
Attachment #477078 -
Flags: review?
|
||
Comment 12•12 years ago
|
||
Raphael is unable to continue with the patches
Assignee: raphael.fairise.bugs → nobody
Status: ASSIGNED → NEW
Whiteboard: [patchlove][needs new assignee]
|
|
||
Comment 13•10 years ago
|
||
Removing myslef on all the bugs I'm cced on. Please NI me if you need something on MailNews Core bugs from me.
|
||
Updated•3 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•