Closed
Bug 903320
Opened 11 years ago
Closed 11 years ago
[email][security] mail client should support S/MIME signatures and encryption
Categories
(Firefox OS Graveyard :: Gaia::E-Mail, defect)
Firefox OS Graveyard
Gaia::E-Mail
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 894817
People
(Reporter: Chris78, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:22.0) Gecko/20100101 Firefox/22.0 (Beta/Release) Build ID: 2013062200 Steps to reproduce: Write a mail Actual results: no option to digitally sign the email; no option to use s/mime encryption Expected results: There should be an option to digitally sign and/or encrypt an email. This feature also affects Gaia::Contacts, where the public keys of the contacts should be stored.
Comment 1•11 years ago
|
||
Andrew, I really think the certificate should be stored in the email app instead. What do you think ?
Flags: needinfo?(bugmail)
Reporter | ||
Comment 2•11 years ago
|
||
(duplicate of #894817 )
Comment 3•11 years ago
|
||
Thanks for helping point out the potential dupe, Chris78! I think if we were going to store the public keys somewhere central for reuse, mozContacts would be the natural place. However, I don't think there's really an appropriate field for that on ContactProperties (http://contacts-manager-api.sysapps.org/#contactproperties-interface) and I worry about both bloating the card size with data no other consumers would want and which opens up a potential attack surface. If the e-mail app remains in charge of the keys, it can track their provenance and avoid getting tricked by other apps. (I'm thinking about PGP keys here too, I realize S/MIME uses a centralized infrastructure so getting tricked is less of a problem.) Having said that, I do think we would want to be able to pull in public keys from other clients where the user has already vetted the certs / has a web-of-trust/etc.
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Flags: needinfo?(bugmail)
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•