Bug ID: 409719
           Summary: Plain text fallback when using untrusted keys
           Product: kmail2
           Version: 5.9.3
          Platform: Debian stable
                OS: Linux
            Status: REPORTED
          Severity: minor
          Priority: NOR
         Component: crypto
  Target Milestone: ---

KMail will fall back to plain text Mails if it thinks, that S/MIME certificates
are not trustworthy. (Which btw. isn't the case. This will be another Bug.)
At first there are several scenarios where your and the receivers trust differ.
So if you don't trust a certificate it is still valid to use it for signing.
(But not for verifying signatures.)
At second there are different trust levels. (PGP even defines them explicitly.)
You may want to be able to send unimportant messages (that would be sent
otherwise in plain text) to a not *fully* trustworthy person. So again: Even
for *en*cryption int makes perfect sense to allow to use not trusted keys. (At
leas as long you support also plain text mails.)
And at last: You should at least consider, that your checking is broken (My be
just due to misconfiguration because it uses the wrong time etc.) and allow the
user to do it externally with openssl etc.. So if the user says it is
trustworthy – just do as he says. ;-)

1. Use a system with a wrong date. (For example without a RTC.)
2. Try to send a signed message.
3. KMail will warn and fall back to plain text.

At first: KMail should never ever prefer plain text messages over signed ones.
This is absolute rubbish.
You could argue that there is a central truststore in x.509. But then you have
to block all plain text mails also.

Falling back to plain text makes absolutely no sense at all.

You are receiving this mail because:
You are watching all bug changes.

Reply via email to