[dev] S/Mime signature not validating (Was Fwd: Test)

Michael M Slusarz slusarz at horde.org
Tue Jan 14 08:15:56 UTC 2014


Quoting Michael M Slusarz <slusarz at horde.org>:

> Quoting Michael J Rubinsky <mrubinsk at horde.org>:
>
>> ..and here's one that was sent via Android, validation succeeds in  
>> Apple Mail and on iOS, but not in IMP.
>
> Come on Android.  I expect better out of you.
>
> As mentioned in a previous message, this has the same S/MIME structure issue:
>
> + multipart/signed
>   - application/pkcs7-signature
>
> The whole point of using multipart/signed is to send the actual MIME  
> data in cleartext, so that non s/mime capable agents can read it.   
> This message has no data - just S/MIME data.  Fail.  (If you are  
> going to send boh content and signature in a single part, you use  
> application/pkcs7-mime).
>
> We can do a better job re: handling these broken messages, but it's  
> still a broken message.

I've added a hotfix (might as well add to 6.1.7 also) to more cleanly  
handle these kind of messages.

For 6.2, I'll add code to instead try to correctly parse the broken  
message also.  Just not tonight.

michael

___________________________________
Michael Slusarz [slusarz at horde.org]



More information about the dev mailing list