Nelson B. Bolyard wrote:
Nelson;Winston O'Brien wrote:Folks; I send an encrypted/signed email to someone. Moz encrypts my copy in the Sent folder. (I won't start a flame about not giving me a choice.) Then the email is saved using "Save as.." to an external .eml file and still encrypted. Now, how can I read this archived piece of email? Archiving is needed to keep down the bandwidth in the IMAP interaction. Is there an independent/external application that can decrypt/display this S/MIME file? Obviously the certX.db file will be needed. Any help is appreciated...
To save your emails locally, instead of using save as, create a "local folder"
and save it to the local folder (folder on your local system, or could be a
network mounted file system). mozilla will have no difficulty decrypting it from the local folder.
Since you've already done this "save as", what you need to do is to manually
reinsert the saved mail into a mozilla mail folder. You can try this:
Create a new local folder in mozilla. Copy a few messages into it so it won't be empty - maybe some spam ;-). Then exit mozilla, and look at the files for the local folder you've just created. You'll see that one of the files is a plain text file which just has the messages more-or-less concatenated together with (if I recall correctly) a special "From" line as the first line of each message.
Just add your "save as" message to that folder file. You'll have to make up your own special From line. Use the other From lines to see how they're
constructed. Then restart mozilla and look in the folder you've just edited. Your saved message will probably appear, and you may well be able to decrypt it.
--
Nelson Bolyard Disclaimer: I speak for myself, not for Netscape
I was hoping this wasn't the answer. This says that Moz is a closed product that doesn't interact with other products even when using RFC standard protocols and algorithms.
I have started to try the certutil and cmsutil tools. Unfortunately, I run FreeBSD and they are not built for that operating system. In the Linux compatability mode, all the dynmaic links are satisfied, but the programs (the couple I could find docs for) die with an OS signal.
The next step is to look at exporting all of the keys and comming up with some Perl scripts and OpenSSL tools. But that will be a big security problem since either all the private keys files will have the same passwords or the scripts will have to build a database of passwords to access the private keys.
What someone needs to build is a Crypto Management System (CMS?) that can [en|de]crypt files and SMIME using a PKI database. Import and export and generally manage keys. But not be a web browser addon. Something like PkZip with a PKI key management system frontend. A general utility tool. It could use the certX.db and keyX.db; or mailtain one of its own. It could have documentation (other than 'read the abstract source').
Well I will keep searching.....
Winston O'Brien
