Closed Bug 625432 Opened 13 years ago Closed 11 years ago

composing messages: per-recipient rules for S/MIME settings

Categories

(Thunderbird :: Security, enhancement)

Product:
Thunderbird
Component:
Security
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 269414

People

(Reporter: casmls, Unassigned)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101209 Fedora/3.6.13-1.fc13 Firefox/3.6.13
Build Identifier: 

There are two ways to send and S/MIME message in an encrypted way:
a) set the "Default encryption setting when sending messages:" to "Required" (in the Account Security Settings).
b) manually activate encryption by enabling "Encrypt This Message" in the S/MIME menu when composing a message

Both possibilities have disadvantages if a user does not S/MIME encrypt 100% of his outgoing emails: 
(a) is in the most cases not feasible as many outgoing emails still will be unencrypted and a user would need to disable the encryption before being able to send unencrypted messages (this impacts the user experience seriously).

Manually activating encryption per message (b) brings along the high risk to send a message accidentally in an unencrypted manner.


Therefore I would suggest to implement per-recipient rules for S/MIME as it is already implemented by the Enigmail extension for GPG/PGP only:
http://enigmail.mozdev.org/documentation/pgprules.php.html

This enhancement would improve 
- the user experience for S/MIME users because after the creation of a per-recipient rule no manual intervention is required
- the security, by reducing the risk of accidentally sending messages unencrypted


Reproducible: Always
Component: General → Security
QA Contact: general → thunderbird
I agree that the current method is not satisfactory.

I think what we need is another choice in the settings: "encrypt if recipient certificate is available".

Additionally, the compose message dialogue needs to be modified to clearly show at a glance wether or not the messages will be sent encrypted or unencrypted (something it fails to do at the moment).
I opened a new bug for the "show S/MIME status" problem in the compose window. It's bug 730793.
Duplicate of bug 269414?
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.