Bug 4027

Summary: SMIME: please implement RFC6476
Product: Claws Mail (GTK 2) Reporter: kardan
Component: Plugins/Privacy/SMIMEAssignee: users
Status: NEW ---    
Severity: enhancement    
Priority: P3    
Version: 3.17.0   
Hardware: PC   
OS: All   
URL: https://datatracker.ietf.org/doc/rfc6476/

Description kardan 2018-05-17 22:12:51 UTC 
This document specifies the conventions for using Message
   Authentication Code (MAC) encryption with the Cryptographic Message
   Syntax (CMS) authenticated-enveloped-data content type.  This mirrors
   the use of a MAC combined with an encryption algorithm that's already
   employed in IPsec, Secure Socket Layer / Transport Layer Security
   (SSL/TLS) and Secure SHell (SSH), which is widely supported in
   existing crypto libraries and hardware and has been extensively
   analysed by the crypto community. 

https://datatracker.ietf.org/doc/rfc6476/

I don't know if this is already implemented. It was suggested as a solution for security issue with s/mime lately:

"The problem with S/MIME implementations missing integrity protection
is serious and we hope that vendors will quickly agree on implementing
RFC6476 or something similar. This seems to be the most interesting
finding, as it cannot be resolved quickly and it reminds everybody
to be careful with contents that can become active as a backchannel
or exploit code."

http://lists.wald.intevation.org/pipermail/gpg4win-devel/2018-May/001696.html

Thanks for your great work!