Dave Roberts typed:
> Victor Probo typed:
>> Ok, I should have recognized the p7m as an encrypted message. But why was
>> it not recognized.
>
> Because it's not encrypted, it's signed. Note the last part of...
> => Content-Type: application/pkcs7-mime;smime-type=signed-data
>
> IME, Outlook by default sends signed messages in this format. I call it
> an opaque signature, as a corollary to a clear (or detached) signature.
>
> Netscape 4 used to recognise these, but Mozilla does not.
Bad form to reply to yourself, but I stand corrected. I've just
received an "opaque" signed message from an Outlook user.
Mozilla is happy to display the contents of the e-mail, however it
claims that the mail was encrypted - when it was not. Mozilla does
*not* import the persons certificate for me, so I cannot encrypt a response.
In this instance, the e-mail headers are:-
Content-Type: application/x-pkcs7-mime;
name="smime.p7m"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="smime.p7m"
So there is no mention of the PKCS#7 content type, but putting it
through a PKCS#7 parser, it is clearly a signed-data message.
This really needs fixing to inter-operate with the Outlook populus.
- Dave.
