Open Bug 867478 Opened 12 years ago Updated 1 year ago

Remove support for email certificates from Gecko

Categories

(Core :: Security: PSM, defect, P3)

Product:
Core
Component:
Security: PSM
Type:
defect

Tracking

()

People

(Reporter: briansmith, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: addon-compat, main-thread-io, perf, Whiteboard: [psm-backlog])

+++ This bug was initially created as a clone of Bug #867473 +++ +++ This bug was initially created as a clone of Bug #867432 +++ +++ This bug was initially created as a clone of Bug #775698 +++ These functions should be removed: nsIX509CertDB.findEmailEncryptionCert nsIX509CertDB.findEmailSigningCert nsIX509CertDB.findCertByEmailAddress nsIX509CertDB.importEmailCertificate Additionally, the "People" tab of the certificate manager should be removed. None of these things are useful for Firefox. All of these things are used by Thunderbird. So, Thunderbird's S/MIME support will need to adopt the missing functionality in comm-central. Note that all of these functions do I/O on the main thread.
Presumably there's some existing APIs that S/MIME can hook into that are async? At a quick glance, I didn't see them, but maybe I'm looking in the wrong place. If we do need some additional async apis, then we'll need a bug for them. What's the people tab actually used for? I've never really looked at it before today, is it useful for anything?
(In reply to Mark Banner (:standard8) from comment #1) > Presumably there's some existing APIs that S/MIME can hook into that are > async? At a quick glance, I didn't see them, but maybe I'm looking in the > wrong place. If we do need some additional async apis, then we'll need a bug > for them. There are a few things in PSM that I would like to remove from PSM, but which is needed by Thunderbird, including this stuff and others. I think the best solution is to simply create a new component in mailnews that can expose these mail/news-specific things. Then, we don't have to bother with converting them from sync to async unless/until it becomes a priority for Thunderbird. > What's the people tab actually used for? I've never really looked at it > before today, is it useful for anything? The people tab seems to be for the S/MIME certificates that the user has stored by extracting them from email received from those people. I think it may be useful to mailnews users but it is just confusing to have it in Firefox. I don't know much about XUL, but I think this is something that we can do by removing the tab from PSM and then having mailnews add it back with a XUL overlay or similar.
(In reply to Mark Banner (:standard8) from comment #1) > What's the people tab actually used for? I've never really looked at it > before today, is it useful for anything? Yes - as pointed out by Brian, it allows you to view/manage the certificates which have been automatically imported from signed messages (http://hg.mozilla.org/mozilla-central/annotate/69008b1fd6eb/security/manager/ssl/src/nsCMS.cpp#l255). It also allows you to import a recipient's encryption certificate from a file ("Import..."), and it's the only [GUI] way to delete expired mail recipient certificates from the cert database. I agree that removing it from Firefox makes sense (I can't think of a situation where the browser really needs this tab). Note that the "People" tab is already in a separate overlay (http://mxr.mozilla.org/mozilla-central/source/security/manager/pki/resources/content/OthersOverlay.xul), so it shouldn't be too hard to make it mailnews-only. Bug 164707 might be helpful for determining what changes are needed (these happened when the "Other" tab was added - now it would be about reversing this for the "People" tab).
Whiteboard: [psm-backlog]
Priority: -- → P3
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.