903320 - [email][security] mail client should support S/MIME signatures and encryption

Status: RESOLVED DUPLICATE of bug 894817

(Firefox OS Graveyard :: Gaia::E-Mail, defect)

Description

[[:Chris78]]

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:22.0) Gecko/20100101 Firefox/22.0 (Beta/Release)
Build ID: 2013062200

Steps to reproduce:

Write a mail


Actual results:

no option to digitally sign the email;
no option to use s/mime encryption


Expected results:

There should be an option to digitally sign and/or encrypt an email.

This feature also affects Gaia::Contacts, where the public keys of the contacts should be stored.

Comment 1

[Julien Wajsberg [:julienw]]

Andrew, I really think the certificate should be stored in the email app instead. What do you think ?

Comment 2

[[:Chris78]]

(duplicate of #894817 )

Comment 3

[Andrew Sutherland [:asuth] (he/him)]

Thanks for helping point out the potential dupe, Chris78!

I think if we were going to store the public keys somewhere central for reuse, mozContacts would be the natural place.  However, I don't think there's really an appropriate field for that on ContactProperties (http://contacts-manager-api.sysapps.org/#contactproperties-interface) and I worry about both bloating the card size with data no other consumers would want and which opens up a potential attack surface.  If the e-mail app remains in charge of the keys, it can track their provenance and avoid getting tricked by other apps.  (I'm thinking about PGP keys here too, I realize S/MIME uses a centralized infrastructure so getting tricked is less of a problem.)

Having said that, I do think we would want to be able to pull in public keys from other clients where the user has already vetted the certs / has a web-of-trust/etc.