[Evolution] Bug#508479: Bug#508479: evolution shows a SMIME signed messages as ok even if modified
Joachim Breitner
nomeata at debian.org
Sun Dec 14 10:57:35 UTC 2008
Hi,
Am Sonntag, den 14.12.2008, 11:50 +0100 schrieb Yves-Alexis Perez:
> On sam, 2008-12-13 at 23:47 +0000, Joachim Breitner wrote:
> > this is the modified one, forwareded using evolution’s
> > Forward-as-attachement feature. I hope this works.
>
> Thanks, it worked, and yes, openssl shows the signature as not valid,
> while evolution shows it as valid.
>
> I don't know enough evo so I'll forward it upstream.
Thanks
> Can this be exploited? I mean, is it possible to change any (valid)
> signed mail and bounce it to somebody else where it'll appear correctly
> signed?
sorry, haven’t tried it. Probably depends on the exact cause.
Greetings,
Joachim
--
Joachim "nomeata" Breitner
Debian Developer
nomeata at debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C
JID: nomeata at joachim-breitner.de | http://people.debian.org/~nomeata
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.alioth.debian.org/pipermail/pkg-evolution-maintainers/attachments/20081214/e5739ed4/attachment.pgp
More information about the Pkg-evolution-maintainers
mailing list