No way of setting the encryption and hash algorithms

RESOLVED DUPLICATE of bug 222179

Status

MailNews Core
Security: S/MIME
--
critical
RESOLVED DUPLICATE of bug 222179
4 years ago
8 months ago

People

(Reporter: Cristian Baboi, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

4 years ago
User Agent: Opera/9.80 (Windows NT 6.1; Win64; x64) Presto/2.12.388 Version/12.16

Steps to reproduce:

1. configure thunderbird for smime encryption&signing
2. create a new e-mail with sign&encrypt
3. send the e-mail


Actual results:

The e-mail was sent with 3DES encryption. I don't know the hash algorithm used.


Expected results:

The ui should have allowed me to set and view the algorithms used for signing & encryption.
(Reporter)

Updated

4 years ago
Severity: normal → critical
Hardware: x86 → x86_64
Component: Security → Security: PSM
Product: Thunderbird → Core
Version: 24 → unspecified
Component: Security: PSM → Security: S/MIME
Product: Core → MailNews Core
Hello together,

I found a similar bug post here https://bugzilla.mozilla.org/show_bug.cgi?id=222179, where someone already seemingly developed a patch, but it was never integrated in Thunderbird. Essentially it should be a dropdown menu in the S/MIME options in the mail accont configuration to select the general hash algorithm and encryption algorithm for S/MIME messages in general for example as posted here https://bug222179.bmoattachments.org/attachment.cgi?id=8361739

I've developed a great interest in cryptography in the last months, it truly would be very useful. As I know Thunderbird can open and reply to AES128, AES192, AES256 and even AES512 messages, and also handle the SHA2 family for signing.

It's just a matter of personal freedom for the user, so that he/she can select the preferred algorithms for themselves.
I have found no way to change the seemingly hard coded 3DES 168bit encryption algorithm in Thunderbird at all.

Outlook give me the opportunity to choose my algorithms on my own. Since Windows XP is no longer supported anyway, stronger algorithms would be absolutely appreciated, such as SHA256/AES256 or SHA256/AES192. And computing power is no reason at all, although all new processors have built in AES acceleration

All major email applications and operating system support such algorithms now, as posted by GlobalSign here
https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility

Thank you ever so much.

Kindest regards,
Robert Christian Strasser

Comment 2

8 months ago
> I found a similar bug post here https://bugzilla.mozilla.org/show_bug.cgi?id=222179, 

dupe?  (on the surface, seems like)
Flags: needinfo?(mkmelin+mozilla)

Comment 3

8 months ago
Yes.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 8 months ago
Flags: needinfo?(mkmelin+mozilla)
Resolution: --- → DUPLICATE
Duplicate of bug: 222179
You need to log in before you can comment on or make changes to this bug.