Get rid of signstub handler

VERIFIED FIXED

Status

VERIFIED FIXED
18 years ago
10 years ago

People

(Reporter: jgmyers, Assigned: jgmyers)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Assignee)

Description

18 years ago
Mozilla comes with a MIME handler for application/x-pkcs7-signature which is 
counterproductive.  The handler presents a worse interface than if the code were 
simply removed.  The handler code should be removed.

If Mozilla encounters a signature of a type it does not understand, it should 
simply ignore the signature.  This is because the unsupported signature is of no 
possible use to the user.  The knowledge that there was an unverifiable 
signature on the document is of no use to the user.  The only possible thing the 
user could do with such knowledge is try to read the message with a different 
UA.

Mozilla correctly ignores signatures if there is no handler registered for the 
signature's MIME type.  So if application/x-pkcs7-signature had no handler, all 
would be peachy.

signstub, however, is a handler for application/x-pkcs7-signature.  It handles 
all signatures by displaying a vague, ambiguous, and confusing message to the 
user.
(Assignee)

Comment 1

18 years ago
Created attachment 30620 [details] [diff] [review]
Proposed fix.
(Assignee)

Comment 2

18 years ago
Also need to pull from Mac build and cvs rm all files in 
mailnews/mime/cthandlers/signstub/
Status: NEW → ASSIGNED
Jennifer, do you approve to remove the following message at the bottom of signed
message like proposed by John:

This message is possibly signed and/or encrypted. This application does not
currently support signed or encrypted messages.


Comment 4

18 years ago
Reasoning to remove it makes sense to me, but I don't know enough about this 
area to make a call.  Cc'ing putterman and kmurray.

Comment 5

18 years ago
I agre that it only points out the lack of support for encrypted messages. When
we move to support signed messages, the detection obviously will need to go back in.
(Assignee)

Comment 6

18 years ago
Encrypted messages get their own message from smimestub, which is being left 
alone.

I am not proposing to take out the detection, that code remains.

Comment 7

18 years ago
Thanks for the clarification. Removing the sign/display only sounds fine.
(Assignee)

Comment 8

18 years ago
Could someone please r= this bug?
R=ducarroz
(Assignee)

Comment 11

18 years ago
Fix checked in.
Status: ASSIGNED → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → FIXED
Verified fixed.  I used to see this message all the time from people inside the
firewall, but no longer see it.  Also, I verified the code was checked in.
Status: RESOLVED → VERIFIED
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.