[dev] Re: [cvs] commit: imp/lib/MIME/Viewer pkcs7.php

Jan Schneider jan at horde.org
Sat Feb 7 14:49:59 PST 2004


Zitat von Cliff Green <green at umdnj.edu>:

> Quoting Eric Rostetter:
>
>> Quoting Jan Schneider <jan at horde.org>:
>>
>>>  Fix error message when viewing s/mime parts attached to s/mime
>>> messages. The
>>>  attached message still doesn't show up though.
>>
>> OT, but yesterday I got a s/mime message from Apple Mail, and it used
>> application/pkcs7-signature instead of the horde/imp defined
>> application/x-pkcs7-signature.  It thus didn't see it as a signed message.
>> I added the non-x mime type, and it worked fine.  So the questions is,
>> should we add both mime types to horde/imp?  I know at least Apple's
>> mailers, and probably others too...
>>
>
> Yes, I've been adding that change manually because Outlook/Exchange uses that
> mime type as well.  Actually, I think it's one of the options, but 
> the Exchange
> admins and users I know tend to be pretty ignorant about MIME 
> attachments (they
> seem to prefer uuencoding, believe it or not!) and S/MIME.  So, you 
> might want
> to add application/pkcs7-mime as well.

Done.

> Another thing I've run into is that imp currently only handles 
> detached s/mime
> signatures, not encapsulated signatures (they look like encrypted messages,
> with type .p7m).  I've been looking at the current code, but have to admit I
> don't spend enough time on the current MIME handling to be able to 
> address this
> yet.

I've never seen such a message. Any chance you can bounce or forward one?

> Further, I don't know if my setup is particularly farkeled, but I 
> haven't been
> able to actually use s/mime for encrypting for a while now (since last
> January!);  since nobody else has complained about it, I've been 
> assuming it's
> my setup.  Speaking of which - am I the only one who can't capture a
> correspondent's public key from a signed message and add it to turba anymore?
> There used to be a link in the header section.
>
> An additional thing I've been thinking about is that for a variety of reasons
> (e.g., x509 certs expire, often after 1 year), and it's helpful to be able to
> have more than one private key available - presumably as an array.

They should be bound to the identities because, as opposed to PGP keys, you
mostly (always?) have only one email address per s/mime key.

Jan.

--
http://www.horde.org - The Horde Project
http://www.ammma.de - Neue Wege des Lernens
http://www.tip4all.de - Deine private Tippgemeinschaft


More information about the dev mailing list