Comment 1 for bug 303140

In , Peter-lairo (peter-lairo) wrote :

Why is the product (the discontinued) "Moz App Suite"? Shouldn't this be "Core"
or "Thunderbird"? If not, should I file a new bug on "Core" or "Thunderbird"?

(In reply to comment #0)
> If the mail client deletes attachments of a mail that happened to be
> cryptographically signed by the sender, the signature gets invalid.

Not only "invalid" but completely *blank*.

NOTE: This also happens with signed + *encrypted* messages (reword summary?).

> - Comment 60 suggested as one solution to disable the "delete attachment"
> feature completely for mails that are signed.

That is a problem for users who sign *all* their e-mails; and for the future when
hopefully more users will be using digital signatures.

> - Another solution would be to allow deletion of attachments, and then treat the
> msg as if it never had a signature.

That would be unfortunate. Perhaps add some text to the bottom of the message
(below the attachment-removal note?):

"The digital signature has been removed from this message because the attachment
was removed, thus altering the e-mail."

> - Another suggestion (of mine) would be to show a special msg telling the user
> that the msg used to be signed by foo, but no longer is, because the attachments
> have been stripped. That poses the risk that users then treat the msg as if the
> signature was still valid, which would open (social) attacks where the attacker
> forges msgs which *pose* as exactly that.

This _may_ not be a big problem because messages with detached/deleted
attachments will likely only reside on the detacher's/deleter's local machine,
not the inbox (as unread), and not sent to someone (this would be a
"reply/forward", which would strip the original sig anyhow - and validly replace
it with the new sender's sig).