I just discovered a NASTY problem with S/MIME in Communicator 4.7x. I certainly hope Mozilla's S/MIME will get this right.
8 days ago, I sent a signed and encrypted email to someone. After he received it, he had a hard disk crash, and lost his email folders. Fortunately, his private keys and certs were backed up. So, he got a new disk, reinstalled everything, and wrote me asking me to resend that signed and encrypted message to him.

I have a copy of the signed and encrypted message in my folder of sent messages. I don't want to make a new signed and encrypted message from the plaintext of the original. I just want to forward an exact copy of the original encrypted message to him.

NO CAN DO. Communicator wants my private key to forward the message. I shouldn't need my private key to forward an exact copy of the original signed-and-encrypted email. It should be forwarded exactly as is. Right?

Nope. Communicator won't forward it. Without my private key, Communicator only forwards the original message header (which wasn't encrypted in the original message) with no body.

If I log in to my crypto token, unlocking my private key, then Communicator can read the decrypted original message. But then what it does is not forward the original signed-and-encrypted message as-is. Instead it creates a new message, which has the decrypted original plaintext message as an attachment, and it wants to sign and encrypt that new message. If I remove the checks for the checkboxes for sign and encrypt, it wants to send the new message, with the decrypted original plaintext message attached, unencrypted!

I certainly hope Mozilla's S/MIME will get this right.

--
Nelson Bolyard
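The as-is forwarding asked for above can be sketched with Python's standard email package. This is an added example, not part of the original post and not Communicator or Mozilla code; the addresses, the subject and the placeholder ciphertext are constructed, and the function names are hypothetical.

```python
import base64
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed stand-in for the CMS EnvelopedData blob; not real ciphertext.
CIPHERTEXT = b"constructed placeholder for CMS EnvelopedData bytes"

# Constructed copy of a sent S/MIME message as stored in a Sent folder.
ORIGINAL = (
    b"From: sender@example.org\r\n"
    b"To: recipient@example.org\r\n"
    b"Subject: report\r\n"
    b"MIME-Version: 1.0\r\n"
    b"Content-Type: application/pkcs7-mime; smime-type=enveloped-data;\r\n"
    b' name="smime.p7m"\r\n'
    b"Content-Transfer-Encoding: base64\r\n"
    b"\r\n" + base64.encodebytes(CIPHERTEXT).replace(b"\n", b"\r\n")
)


def forward_as_is(raw: bytes, sender: str, recipient: str) -> bytes:
    """Wrap the stored message in message/rfc822 without decrypting it."""
    original = message_from_bytes(raw, policy=policy.SMTP)
    fwd = EmailMessage(policy=policy.SMTP)
    fwd["From"] = sender
    fwd["To"] = recipient
    fwd["Subject"] = "Fwd: " + str(original["Subject"])
    fwd.set_content("Original encrypted message attached unchanged.")
    # No key is used anywhere: the encrypted body travels as opaque data.
    fwd.add_attachment(original)
    return fwd.as_bytes()


def attached_original(raw_forward: bytes):
    """Return the message carried in the message/rfc822 part of a forward."""
    outer = message_from_bytes(raw_forward, policy=policy.SMTP)
    for part in outer.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
    raise ValueError("no message/rfc822 part found")


if __name__ == "__main__":
    inner = attached_original(
        forward_as_is(ORIGINAL, "sender@example.org", "recipient@example.org"))
    print(inner.get_content_type(), inner.get_payload(decode=True) == CIPHERTEXT)
```

The recipient's client decrypts the attached message with the recipient's own key, exactly as it did for the first delivery; the forwarding side never handles plaintext.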
