Closed Bug 36246 Opened 28 years ago Closed 19 years ago

We need to accept/deal with certs-only messages/attachments

Categories

(NSS :: Libraries, defect, P2)

All
Other
defect

Tracking

(Not tracked)

RESOLVED WORKSFORME

People

(Reporter: repka, Assigned: julien.pierre)

Details

(This bug imported from BugSplat, Netscape's internal bugsystem. It was known there as bug #54956 http://scopus.netscape.com/bugsplat/show_bug.cgi?id=54956 Imported into Bugzilla on 04/18/00 17:10) Some other vendors can send out packages of certs, usually as an attachment. Nortel has done this, for example. We should be taking those certs and importing them, much as we do certs we find in a signed message. (The difference is that these things don't have any content, nor a signature.) I need to provide a function for Jamie to call when he runs across one of these things. I think, but am not positive, that Jeff has already provided me without enough of a certificate interface to handle the importing. ------- Additional Comments From repka 04/28/97 15:30 ------- Still trying to get this to work, but hit a little snag. Just importing the certs themselves is easy, but making them usable as email certs is a bit trickier. Jeff and I need to stew on this a bit more, so I'm not leaving it marked for b4. ------- Additional Comments From repka 05/06/97 14:43 ------- Not in Dogbert, it seems... ------- Additional Comments From marek Apr-03-2000 18:08 ------- mass resolving LATER and REMIND bugs as WONTFIX (however, if you own one of these and have a fix that can be checked into 4.73 [assuming that you have QA lined up for it], please contact 4.73 project manager -- angelabu)
Old bug just moved from internal to bugzilla. Reopening so I can reassign it and comment on it.
Status: RESOLVED → UNCONFIRMED
This still needs to be done. I think Chris knows this already, but this bug can be a reminder. It isn't highest priority (obviously) but it is a place where we are not standards-compliant. There is work to be done in NSS but also on the client-side to recognize receiving such a thing and to make the right call(s) to PSM to import the certs. There may even be some UI implications; Christian will have to consider all of this if/when he gets around to dealing with this issue.
Assignee: repka → chrisk
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Set Target Milestone 4.0.
Assignee: chrisk → wtc
Status: ASSIGNED → NEW
Target Milestone: --- → 4.0
Version: unspecified → 3.0
Status: NEW → ASSIGNED
Another S/MIME bug to consider for the PRD.
Target Milestone: 4.0 → 3.4
Assigned the bug to Julien. Note priority is P2, target milestone 3.4. Bob, should we push this bug to 4.0?
Assignee: wtc → jpierre
Status: ASSIGNED → NEW
Does anyone know what sort of NSS work that is involved to fix this ? I'm still not very familiar with the S/MIME APIs. Just a pointer to the right functions that have issues would be helpful.
I think the S/MIME code handles this as-is. Maybe one needs to add a special case to the glue logic between application and S/MIME library for the "certs-only" smime-type parameter (see RFC2633 3.2.2 for details). It needs to handle a "signature"-type blob that contains no encapsulated data (we already handle this correctly for detached signatures) *and* no signatures, just a set of certificates. The rationale is to have a "standard" way to transport certificates that makes it easy for the receiving user to add these to her certificate database.
Set target milestone to NSS 3.5.
Target Milestone: 3.4 → 3.5
Moved to 4.0.
Target Milestone: 3.5 → 4.0
A test case would be very useful to help implement this.
Removing target 4.0, since there is no 4.0 plan .
Target Milestone: 4.0 → ---
NSS has the following APIs : NSS_CMSSignedData_VerifyCertsOnly NSS_CMSSignedData_CreateCertsOnly To import the certs, I don't see any reason in the code why NSS_CMSSignedData_ImportCerts wouldn't work on a certs-only message. Closing this bug as WORKSFORME .
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.