So every S/MIME MUA I'm aware of includes the sender in the enveloped
message's RecipientInfos. This makes sense because people generally
expect to read the email they send themselves.
However, yesterday I had a case where a sender had two certs issued with
the same email address subjectAlternativeName under two different PKIs
(don't go there). On the system in question he had only one of these
key pairs installed; the other was present but only as the cert (no
private key). The MUA, for whatever reason, used the incomplete
identity in the envelope RecipientInfos and the user was unable to read
his sent mail.
I'm thinking that an MUA, when enveloping an outgoing message for the
sender, should check to make sure the sender has the private key and
warn the user if it's not present.
While this can be addressed as a bug in the MUA (and I'll be reporting
it), I scanned through 3850, 3851, and 5652 and I find no mention of
this enveloping for sender behavior anywhere. I was wondering if anyone
felt enveloping for sender is common enough to place some minimal
requirements on it, maybe in 3851 (I'm not sure it belongs in 5652).
Description: S/MIME Cryptographic Signature
smime mailing list