Mozilla comes with a MIME handler for application/x-pkcs7-signature which is counterproductive. The handler presents a worse interface than if the code were simply removed. The handler code should be removed. If Mozilla encounters a signature of a type it does not understand, it should simply ignore the signature. This is because the unsupported signature is of no possible use to the user. The knowledge that there was an unverifiable signature on the document is of no use to the user. The only possible thing the user could do with such knowledge is try to read the message with a different UA. Mozilla correctly ignores signatures if there is no handler registered for the signature's MIME type. So if application/x-pkcs7-signature had no handler, all would be peachy. signstub, however, is a handler for application/x-pkcs7-signature. It handles all signatures by displaying a vague, ambiguous, and confusing message to the user.
Also need to pull from Mac build and cvs rm all files in mailnews/mime/cthandlers/signstub/
Status: NEW → ASSIGNED
Jennifer, do you approve to remove the following message at the bottom of signed message like proposed by John: This message is possibly signed and/or encrypted. This application does not currently support signed or encrypted messages.
Reasoning to remove it makes sense to me, but I don't know enough about this area to make a call. Cc'ing putterman and kmurray.
I agre that it only points out the lack of support for encrypted messages. When we move to support signed messages, the detection obviously will need to go back in.
Encrypted messages get their own message from smimestub, which is being left alone. I am not proposing to take out the detection, that code remains.
Thanks for the clarification. Removing the sign/display only sounds fine.
Could someone please r= this bug?
Fix checked in.
Status: ASSIGNED → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → FIXED
Verified fixed. I used to see this message all the time from people inside the firewall, but no longer see it. Also, I verified the code was checked in.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.