You are viewing a plain text version of this content. The canonical link for it is here.

Posted to mime4j-dev@james.apache.org by "Markus Wiederkehr (JIRA)" <mi...@james.apache.org> on 2009/02/07 15:24:59 UTC

[jira] Updated: (MIME4J-113) [SMIME and OpenPGP/MIME] Support For Canonicalication And Normalisation

     [ https://issues.apache.org/jira/browse/MIME4J-113?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Markus Wiederkehr updated MIME4J-113:
-------------------------------------

    Attachment: signature-transfer-encoding.zip

The attachment "signature-transfer-encoding.zip" should prove my point. It contains a self-signed certificate and two digitally signed messages. The message was signed using Thunderbird 2.0.

In order to verify the signature one has to import the certificate and mark it for e-mail usage first ("Trust this CA to identify email users" in Thunderbird).

The messages only differ in the transfer encoding. Both are quoted-printable but the bad one encodes an additional space as =20.

So if Mime4j automatically decodes quoted-printable it is impossible to verify a signature because the transfer encoding is part of the signed data.

> [SMIME and OpenPGP/MIME] Support For Canonicalication And Normalisation
> -----------------------------------------------------------------------
>
>                 Key: MIME4J-113
>                 URL: https://issues.apache.org/jira/browse/MIME4J-113
>             Project: JAMES Mime4j
>          Issue Type: Wish
>    Affects Versions: 0.7
>            Reporter: Robert Burrell Donkin
>         Attachments: signature-transfer-encoding.zip
>
>
> Add canonicalisation and normalisation support suitable for use with SMIME and OpenPGP/MIME

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.