Victor Probo wrote:
> I am asking what Mozilla will consider as a valid signature, and how it
> will respond. (please ignore spelling errors, we all know why)
>
> Start with the assumption that you have a validly structured X.509v3
> certificate signed by an acceptable CA.

Here's what communicator 4.x does today (for reference):

If the email check fails, the signature is labelled invalid. The email address in the cert must match the from line of the e-mail.

e-mail addresses and certificates match one for one. That is, one certificate (actually one set of certificates matched by subject) matches one for one to an email address. Communicator cannot handle more than one certificate (subject)* per email address, nor can it handle multiple email addresses pointing to the same certificate (subject).

*certificate (subject) means a collection of certificates which make up a single personality, all sharing the same subject DN. 90% of the time it means a single cert.

----------------------------------------------------------------

What our goals for mozilla are:

If the email check fails, the signature is labelled invalid. One of the email addresses in the cert, if any exist, must match the from line of the email sender. If no email addresses exist, a mapping of cert to email addresses from some trusted source (directory/database) is attempted. If none exist at all, match fails? In any case the displayed sender line gets replaced with the CN from the certificate.

There are two basic reasons for checking the email address:

1) The signature is only meaningful if you know who actually signed the email. A signed email which says "get off moz crypto and get back to work" signed by Bob Lord would have a different effect on me than the same signed message sent by [EMAIL PROTECTED]

2) The certificate with an embedded email address is an authenticated way of getting the public key for a potential recipient.
That is why we need a trusted source to map email address to certificate if we can't match email addr in the certificate.

Note I said these are the goals for mozilla. Unfortunately the one to one mapping of email address to certificate is built into our database format. Getting basic S/MIME working is the immediate goal.

>
> 1) Must the email address in the cert match the from line of the
> e-mail?
> 2) Must the email address in the cert match some address in the Received
> lines?
> 3) Must there be an email address in the cert at all? The signature is
> for the signer entity, not necessarily its email address.
> 4) What if there are multiple emails in multiple subjectAltName extensions?
> 5) Is the cert considered valid if its use is signature but not
> encryption?

For signatures, the cert must be valid for signing. In order to respond with an encrypted email, the encryption cert must also be available and valid. S/MIME typically carries both certificates in a signed message.

>
> Is there any Mozilla ConOp for these circumstances?
>
>
> Victor Probo
>
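The sender check described in the reply as the goal for Mozilla, written out as an added example that is not part of the original message or of Mozilla's code. `SignerCert`, `check_sender` and the `directory` mapping are hypothetical names, the certificate is assumed to be already chain-validated with its addresses extracted, and the comparison rule (exact local part, case-insensitive domain) is an assumption taken from RFC 5280, not from the message.

```python
from dataclasses import dataclass, field
from email.utils import parseaddr


@dataclass
class SignerCert:
    """Hypothetical stand-in for a signer certificate that already passed
    chain validation; addresses come from the subject DN and subjectAltName."""
    common_name: str
    fingerprint: str
    emails: list = field(default_factory=list)


def _norm(addr):
    # Assumption (RFC 5280 rule): local part exact, domain case-insensitive.
    local, _, domain = addr.rpartition("@")
    return (local, domain.lower())


def check_sender(from_header, cert, directory=None):
    """Return (valid, source, display_sender).

    source is "cert" when an address inside the certificate matched,
    "directory" when the trusted mapping matched, None when the check failed.
    display_sender is always the certificate CN, as the reply describes.
    """
    _, addr = parseaddr(from_header)
    display = cert.common_name
    if "@" not in addr:
        return (False, None, display)
    sender = _norm(addr)

    if cert.emails:
        # Any one of several addresses in the cert may match the From line.
        # The directory is not consulted when the cert names addresses.
        if any(_norm(e) == sender for e in cert.emails):
            return (True, "cert", display)
        return (False, None, display)

    # Cert carries no address: fall back to the trusted cert-to-address
    # mapping (constructed here as {fingerprint: [addresses]}).
    mapped = (directory or {}).get(cert.fingerprint, [])
    if any(_norm(e) == sender for e in mapped):
        return (True, "directory", display)
    return (False, None, display)
```

A certificate with several addresses models question 4; a certificate with none and no directory entry is the case the reply leaves as "match fails?", which this sketch treats as a failed check.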
