Bug 152189 - [RHEL4] s/mime digitally signed messages are not validated.
Summary: [RHEL4] s/mime digitally signed messages are not validated.
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: evolution
Version: 4.0
Hardware: i386
OS: Linux
low
medium
Target Milestone: ---
: ---
Assignee: Matthew Barnes
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-03-25 20:50 UTC by Jason Smith
Modified: 2008-02-03 07:30 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-02-03 07:30:07 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Jason Smith 2005-03-25 20:50:34 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050322 Red Hat/1.7.6-1.4.1

Description of problem:
We are using s/mime signed email as part of our secure authorization service, but messages that I receive and view with evolution are never recognized as having valid s/mime signatures.  I even tested this with a message that I signed with my own certificate and sent to others in our group and viewed in the Sent folder.

Version-Release number of selected component (if applicable):
evolution-2.0.2-14

How reproducible:
Always

Steps to Reproduce:
1. Import my certificate into evolution.
2. Send a signed message to a co-worker who can validate my email with MS Outlook.
3. Either look in evolution's Sent folder or send a copy to myself also.
4. Read the email and evolution claims that the email has an "Invalid signature"

  

Actual Results:  evolution could not verify the digital signature properly.

Expected Results:  It should be validated since the same email viewed by co-workers using MS Outlook are validated properly.

Additional info:
Comment 1 Jason Smith 2005-03-28 22:26:52 UTC 
I would like to amend this bug report.  I discovered while importing a CA cert
into evolution that it prompts how you would like to trust the CA, letting you
edit its trust settings.  When I imported my personal cert like I described above,
which included the whole certificate chain, it did also import the root CA cert,
but it never asked me how I would like to trust it and just imported it with all
trust settings disabled.  Therefore, evolution wouldn't even trust email signed by
my own cert.  I had to manually edit the root CA and enable trusting it.  When
importing a whole certificate chain, including CAs that have never been seen
before, evolution should also prompt the user how they would like to trust that
new CA.
Comment 2 Matthew Barnes 2007-01-09 18:29:28 UTC 
This was never proposed for RHEL-4.

Is the problem still present in RHEL-5?
Comment 3 Matěj Cepl 2007-08-31 21:11:33 UTC 
Reporter, could you please reply to the previous question? If you won't reply in
one month, this bug will be closed as INSUFFICIENT_DATA. Thank you.
Comment 4 Jason Smith 2007-08-31 21:25:45 UTC 
I can't answer this because I haven't upgraded to RHEL5 yet.  Does this mean
that support for evolution in RHEL4 is done?
Comment 5 Matthew Barnes 2007-08-31 22:34:39 UTC 
Support for Evolution 2.0.2 in RHEL4 will continue for security updates only. 
RHEL4.6 will include an optional upgrade to the Evolution 2.8, similar to what
shipped in RHEL5.
Comment 6 Matthew Barnes 2008-02-03 07:30:07 UTC 
Evolution 2.0.2 is only being updated for security issues.  Closing as WONTFIX.
 Feel free to reopen if this bug is still present in the "evolution28" package.
Note You need to log in before you can comment on or make changes to this bug.