On 04/03/2016 06:56 PM, Matthias Henze wrote: > Hi, > > I've created a proof of concept Thunderbird add on (based on Display > Mail User Agent), which indicates if a incoming mail was encrypted an/or > signed. At the moment I'm a bit confused about the Ciphermail Headers. I > need to understand them better. What's all about these numbers? > > -0-0 > -1-0 > -0-1 > > These are the combinations I found so far. But I found no rule when a 1 > appears and if, why. Could there be other numbers? My problem is that I > can ask the TB API only for complete headers and not for fragments. This > is why I need to know which combinations are possible. > > Besides of these numbers I also need a good explanation what exactly > could be derived form the headers. E.g. is it possible that a signed > mail is verified but not trusted and vice versa.
An S/MIME email can be encrypted and signed on multiple (CMS) levels. In most cases a message is first signed and then encrypted. However a message can for example also be signed, then encrypted and again signed. In principle there can be an unlimited number of levels of signing and encryption (although most S/MIME clients will probably not be able to handle the message). An message can also have multiple signers for the same level. So for example the message is first signed by person A *and* person B and then encrypted. Or to make it more exotic, a message if first signed by person A, then encrypted, then signed by the gateway. The information about these CMS levels is stored in the headers with -0-0. -1-0 etc. For a brief explanation of these headers see: https://www.ciphermail.com/documents/html/smime-setup-guide/#pf2a If you need more detailed information please let me know. Kind regards, Martijn Brinkers -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail _______________________________________________ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
