| Summary: | verification of signatures successful despite non-matching sender addres | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Claws Mail (GTK 2) | Reporter: | johannes schilling <claws-mail-bugzilla> | ||||||
| Component: | Plugins/Privacy/SMIME | Assignee: | users | ||||||
| Status: | REOPENED --- | ||||||||
| Severity: | major | ||||||||
| Priority: | P3 | ||||||||
| Version: | 3.14.1 | ||||||||
| Hardware: | PC | ||||||||
| OS: | Linux | ||||||||
| Attachments: |
|
||||||||
Created attachment 1708 [details]
smime email from wrong sender verifying correctly without warning
(there doesn't seem to be an option to upload more than one attachment when creating a bug, so this one separate)
It is irrelevant. A key doesn't even need to have an email address associated with it. you're right, keys/certs don't neccessarily have addresses associated with them, but many certificate authorities only sign S/MIME certs that have mail addresses included and validate the email addresses. so what i'm trying to say is: i know that it's not given that each certificate has email addresses attached, but it's a use case many organisations i've been to have and they require that i can't send an email in your name, signed as me and have it get a green verification badge. or, put another way: the way you see it, it's the S/MIME certificate alone that verifies someones identity, and possible mismatches between mail addresses (that i as a user see, but that are irrelevant to the protocol?) are to be ignored; is that right? Re-opened and re-categorised under Plugins/Privacy/SMIME because this may be an issue with S/MIME. |
Created attachment 1707 [details] gpg signed mail from wrong sender verifying correctly without warning claws-mail does correctly verify the signature status for emails, so it shows "Good Signature from <signature key primary address>". it does not, however, verify the actual from/sender address is one of the addresses in the signature key. i have attached two email messages (one GPG, one S/MIME) that verify as correctly signed messages, but each have a From: address that is not one of the addresses in the smime certificate/gpg key. expected behaviour: the signature status should include a warning that the from address is none of the addresses in the signature key.