[dev] Re: [cvs] commit: imp/lib/MIME/Viewer pkcs7.php
Cliff Green
green at umdnj.edu
Sat Feb 7 14:22:32 PST 2004
Quoting Eric Rostetter:
> Quoting Jan Schneider <jan at horde.org>:
>
>> Fix error message when viewing s/mime parts attached to s/mime
>> messages. The
>> attached message still doesn't show up though.
>
> OT, but yesterday I got a s/mime message from Apple Mail, and it used
> application/pkcs7-signature instead of the horde/imp defined
> application/x-pkcs7-signature. It thus didn't see it as a signed message.
> I added the non-x mime type, and it worked fine. So the questions is,
> should we add both mime types to horde/imp? I know at least Apple's
> mailers, and probably others too...
>
Yes, I've been adding that change manually because Outlook/Exchange uses that
mime type as well. Actually, I think it's one of the options, but the Exchange
admins and users I know tend to be pretty ignorant about MIME attachments (they
seem to prefer uuencoding, believe it or not!) and S/MIME. So, you might want
to add application/pkcs7-mime as well.
Another thing I've run into is that imp currently only handles detached s/mime
signatures, not encapsulated signatures (they look like encrypted messages,
with type .p7m). I've been looking at the current code, but have to admit I
don't spend enough time on the current MIME handling to be able to address this
yet.
Further, I don't know if my setup is particularly farkeled, but I haven't been
able to actually use s/mime for encrypting for a while now (since last
January!); since nobody else has complained about it, I've been assuming it's
my setup. Speaking of which - am I the only one who can't capture a
correspondent's public key from a signed message and add it to turba anymore?
There used to be a link in the header section.
An additional thing I've been thinking about is that for a variety of reasons
(e.g., x509 certs expire, often after 1 year), and it's helpful to be able to
have more than one private key available - presumably as an array.
--
Cliff Green
Academic Computing Services - UMDNJ
Signature under NDA
More information about the dev
mailing list