Paul Kinzelman wrote, On 2008-10-22 18:39: > I originally posted this issue on moz.sup.tbird and somebody > suggested posting it here. The suggestion I got over there was > to try https://nic-nac-project.de/~kaosmos/p7mHandler-en.html
That should be https://nic-nac-project.org/~kaosmos/p7mHandler-en.html (.org, not .de) > but that didn't change anything. I'm not surprised. That site's code is intended to address a different problem, a problem wherein encrypted messages sent as attachments are not recognized as encrypted messages upon receipt. But your problem (I gather) is that the message is recognized as encrypted, but TB is unable to decrypt it. That's a completely different issue, I believe. > I'm using Tbird 2.0.0.17 (20080914) > > When a friend uses an Apple to digitally sign a message, I can > validate his signature OK (so that means I have his cert > properly in Tbird, right?), but when he encrypts the message, > I get a "Thunderbird cannot decrypt this message" error. > He's not using PGP, he's doing it in SMIME. Do you have Enigmail, the PGP extension for Thunderbird, installed? There have been reports that it causes problems for S/MIME mail users, problems similar to what you reported. https://bugzilla.mozilla.org/show_bug.cgi?id=388865 That bug report also says that uninstalling the PGP extension doesn't fix the problem, but creating a fresh Thunderbird profile (after uninstalling Enigmail, and perhaps uninstalling and reinstalling TB) reportedly does. If you have the Enigmail extension installed, and you think that might be the problem, rather than possibly messing up your existing Thunderbird installation, if you have a second machine, I might suggest trying to install Thunderbird without the Enigmail extension on that second machine, and transfer your certs and private keys to it, and see if it works better on that second machine. If not, then you haven't messed up your machine for nothing. If it does work there, then you at least know what the problem is. > I can encrypt and sign a message with my cert that he can read. > > I'll append first the header of the encrypted message that > I can't read, and then I'll append the header of the signed > message that I can read (because it's not encrypted) > and the signature validates OK. > > Any suggestions would be greatly appreciated. I'm kind of new > at this encryption stuff so feel free to treat me as an idiot. :-) In addition to Arsad's informative reply, I'll make this offer to try to help with the diagnosis a bit. If you will send ME a signed email, I will - look at it to see if I can spot anything that's not expected, and - try to send you an encrypted email in reply. I'm also willing to try to correspond with your friend to see if I get different results that you did. This will give us more data points with which to try to determine where the problem lies. Be sure you send it to ME, and not to the list. If you reply to this mail, your reply will go to the list unless you change the To address of your mail. You could also forward a copy of the encrypted email that you received (but cannot decrypt) to me. I won't be able to decrypt it either, but I might be able to figure out some clues about why you can't from it. If you do that, forward the original email as an attachment to your email, not "in line". _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
