I was able to send and receive (via the hotmail extension) a set of digitally signed messages. (These weren't actually to hotmail.com but rather to q.com, a service MSN provides to Qwest.)
There were no problems with messages with lines of dots. It seems that the problem may be limited to GMail. For reasons that I do not understand, I was not able to use the hotmail extension to download unsigned messages. I tried both 1.2.24 and 1.2.24b5. In both cases, an attempt to download a single unsigned message timed out after a very long time. I am not especially concerned about this, as I do not use the hotmail extension (or the q.com address) normally. On Jan 7, 6:42 am, Gil <[email protected]> wrote: > I agree with Chris's point. When I started to think about it, I > couldn't imagine how the extension could ever download transmit mail > in such a way to preserve the validity of a digital signature. It > seemed that it would be especially hard for mail that is formatted > (e.g., sent in HTML). > > The reality is that, for the most part, the extension has no trouble > preserving the validity of the signatures. I have received many > signed messages, and the signature coming through the extension is > fine on all of them except those with the "lines of dots". I have > done diffs on "line of dots" mails received via POP and the extension, > and the line of dots is the only difference. And, as has been pointed > out, GMail transmits the lines of dots correctly via its UI. > > Maybe GMail provides some alternative interface that the extension can > use and that helps preserve the integrity of the message, at least in > most cases. > > I tried to do a similar test with the Hotmail extension. There, I > wasn't able even to get the extension to download a mail with a "line > of dots" - Thunderbird just spun. I may have some other issues there > - I don't use Hotmail much. > > On Jan 7, 12:20 am, Chris Clifton <[email protected]> wrote: > > > Just tried that with my own account, 7 .s sent, 7 displayed. I still > > suspect that the problem may be due to the fact that the extension > > "reads" the email on the website, converts it back to a POP format email > > and finally acts as as POP server to send the message to TB. Plenty of > > scope in that process for unintentional alteration of some trivial > > nature, but enough to cause a digital signature to fail. > > > Chris Clifton wrote: > > > What happens if you view the message on the website? If Google has > > > already removed the period, the extension is faithfully downloading > > > what Google displays, it can't do anything else. > > > > Gil wrote: > > >> Here are some more details. > > > >> If I send myself a message, and the message has in it a line with just > > >> periods (at least two), the Webmail Extension (GMail) will load the > > >> message missing one period. > > > >> This happens even if there is no signature on the message. The > > >> signature was just the way that I detected this problem. > > > >> On Jan 6, 8:53 pm, Gil <[email protected]> wrote: > > > >>> I have diagnosed to this to where maybe it can be debugged. > > > >>> The email in question includes one line with the following > > >>> text: ....... > > > >>> That is, my correspondent wrote a line with 7 periods in it. > > > >>> When I download the message using a POP server, the line comes through > > >>> with the 7 periods, and the signature is just fine. > > > >>> When I download the message using the Webmail extension, the line > > >>> comes through with only 6 periods. The Webmail extension loses one of > > >>> the periods somehow. > > > >>> Because the Webmail extension has essentially tampered with the body > > >>> of the message (by removing a period), Thunderbird detects that fact > > >>> (because the signature is wrong) and reports that to me. > > > >>> On Jan 6, 6:32 pm, Gil <[email protected]> wrote: > > > >>>> The sender was using Thunderbird, sending mail through their ISP's > > >>>> SMTP server. Hotmail was not involved. > > >>>> When I got home, I downloaded the message using Thunderbird and > > >>>> GMail's POP server. The digital signature is just fine when I > > >>>> download it that way. > > >>>> Thunderbird reports the signature as invalid only if I > > >>>> download the > > >>>> message using the Webmail extension. It may be that the extension is > > >>>> modifying the message in some trivial way (e.g., deleting a trailing > > >>>> space) that renders the signature invalid. > > >>>> On Jan 6, 3:00 pm, KE4AVB <[email protected]> wrote: > > > >>>>> Gil, > > >>>>> Your sender would not happen be use of the free Hotmail > > >>>>> service would > > >>>>> they? I have had problems sending signed and/or encrypted messages > > >>>>> through their service. They are opening and adding Hotmail > > >>>>> taglines to > > >>>>> the messages sent thought their service thus invaliding the > > >>>>> signatures > > >>>>> and encryptions. The same problem could be happening to other service > > >>>>> providers depending how they operate. The Hotmail problem occurs if I > > >>>>> use the online webmail or not. > > >>>>> Eugene > > >>>>> On Jan 6, 3:45 pm, Gil <[email protected]> wrote: > > > >>>>>> Should the Webmail extension (with GMail - actually GAFYD) play nice > > >>>>>> with S/MIME and digital signatures? > > >>>>>> I have received some signed emails using the Webmail > > >>>>>> extension, and > > >>>>>> Thunderbird is telling me that the signature is not valid > > >>>>>> (message has > > >>>>>> been modified). > > >>>>>> Other recipients of the same message report no problem > > >>>>>> with the > > >>>>>> signature - they do not use the Webmail extension but just basic > > >>>>>> POP. > > >>>>>> I can't try the same, as I am behind a corporate > > >>>>>> firewall and cannot > > >>>>>> use POP. > > >>>>>> It does seems that I am able to receive some emails via > > >>>>>> the Webmail > > >>>>>> extension with valid signatures. Only one sender seems to be > > >>>>>> affected > > >>>>>> so far. It may be that senders using plaintext for their > > >>>>>> messages are > > >>>>>> not affected, but those who compose using HTML may have their > > >>>>>> messages > > >>>>>> corrupted (by the Webmail extension?). > > >>>>>> I am using: > > >>>>>> - TB 2.0.0.23 > > >>>>>> - WebMail 1.3.5 > > >>>>>> - WebMail - GMail 0.6.5b1 > > > --
-- You received this message because you are subscribed to the Google Groups "Thunderbird Webmail Extension" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/thunderbird-webmail-extension?hl=en.
