Definitely agree, and I think it's totally reasonable to implement with external tools with the caveat that a platform without these tools is implicitly not supported. And since, at least for incoming messages, the s/mime content is an attachment when the case is not supported VM would be happy leaving things alone. All we would need really is to have a variable with the proper command line to generate a pkcs7 data structure, and conversely something to decompose one. openssl likely covers the vast majority of systems.
I think the biggest challenge would be the management of certificates and private keys. Needs some structure, but probably should leave a lot of choices to the user, i.e. don't go requiring extra private keys and/or copying existing ones to numerous locations, etc. Support would obviously be more of a long term goal, since there's a bit of thought that should go into this, but since a bunch of other clients already have (at least rudimentary) support, seems like it would help keep VM competitive. ~Arik Tim Cross writes: > > I think s/mime support is probably a good idea in principal. However, I > suspect > the difficulty may be in getting consistency across all the platforms VM runs > on, especially if this support will rely on external tools. It is probably > legitimate to explicitly support only some platforms, provided the feature > doesn't cause problems on platforms where it is not supported. > > Tim > > Arik Mitschang writes: > > Hi All, > > > > Just wondering if folks have any thoughts on working toward support of > > s/mime in VM? I mean something like using the mime capabilities to > > recognize "pkcs7-mime" content-types and then running a tool like > > openssl on the components of such a message. Or when composing a > > message we could have support for s/mime by parsing the recipients and > > locating appropriate certificates in a directory with symlinks and > > signing capability of course. > > > > If we rely in a big part on external tools (like openssl) it might be > > a pretty easy thing to work in, plus speed is really a non-issue here. > > > > Thanks, > > ~Arik > > > > -- > Tim Cross > [email protected] > > There are two types of people in IT - those who do not manage what they > understand and those who do not understand what they manage. > -- > Tim Cross > [email protected] > > There are two types of people in IT - those who do not manage what they > understand and those who do not understand what they manage. -- Arik W. Mitschang
