Tickets :: [#3482] Saving S/MIME certificate to address book fails

6.0.0-beta1

7/4/25

Summary	Saving S/MIME certificate to address book fails
Queue	Horde Framework Packages
Queue Version	Git master
Type	Enhancement
State	Resolved
Priority	1. Low
Owners	jan (at) horde (dot) org
Requester	selsky (at) columbia (dot) edu
Created	02/15/2006 (7079 days ago)
Due
Updated	04/04/2011 (5205 days ago)
Assigned	11/09/2008 (6081 days ago)
Resolved	04/04/2011 (5205 days ago)
Milestone
Patch	No

04/04/2011 09:59:38 AM	Jan Schneider	Taken from Horde Developers State ⇒ Resolved

04/04/2011 09:59:33 AM	Git Commit	Comment #17	Reply to this comment
Changes have been made in Git for this ticket: Update all addresses, not just the first one (~~Request #3482~~). 3 files changed, 11 insertions(+), 7 deletions(-) http://git.horde.org/horde-git/-/commit/b2514fb99f2e0e389d70ab0ff12d0995a9c5845e

03/30/2011 01:00:10 PM	Jan Schneider	Comment #16 State ⇒ Feedback	Reply to this comment
The parser already returned multiple addresses, I only had to add the code to pick the first of multiple addresses when adding certs to the address book. Adding certs to all addresses of a cert wouldn't be complicated at all, but the API method is supposed to only return a single contact __key. Hm, now that I look at it, it doesn't do that in all cases anyway. So should we add the cert to all addresses or only the first one?

03/30/2011 12:56:41 PM	Git Commit	Comment #15	Reply to this comment
Changes have been made in Git for this ticket: [jan] Add fields to the first address if multiple passed to addField() API method (~~Request #3482~~). 3 files changed, 25 insertions(+), 9 deletions(-) http://git.horde.org/horde-git/-/commit/536971e6023ec3d30c15183830efebb427264148

09/05/2009 09:17:37 PM	Jan Schneider	Queue ⇒ Horde Framework Packages Priority ⇒ 1. Low State ⇒ Accepted Type ⇒ Enhancement Version ⇒ Git master

09/05/2009 09:16:38 PM	Jan Schneider	Milestone ⇒ 4

11/09/2008 02:35:50 AM	Chuck Hagenbuch	Comment #14 State ⇒ Assigned	Reply to this comment
Un-stalling for Horde 4

10/01/2007 01:46:04 PM	Jan Schneider	Comment #13 State ⇒ Stalled	Reply to this comment
We would have to change the return hash of the cert parser to be able to return more than one value per certificate key. Anything else would be a crude hack, so this going to be stalled for Horde 4.

09/30/2007 09:24:12 PM	Matt Selsky	Comment #12 New Attachment: s-mime-sign.eml	Reply to this comment
Here you go. Can we have a blacklist of free certificates so we avoid storing the bogus name from the the CN? Thawte's certificates only have real names in the CN if you pay for the certificate...

09/20/2007 09:57:23 PM	Jan Schneider	Comment #11 Assigned to Jan Schneider Taken from Matt Selsky State ⇒ Feedback	Reply to this comment
That being said, we should fix IMP too, because in the message view it shows the sender's name, not the cert's name in the link to save the cert. The correct name/address is used in the verification message though. This has been fixed. Is it correct that all that's left to do is, to save several contacts if there are several addresses in a cert? Can anyone provide and example message?

04/19/2007 10:35:47 PM	Jan Schneider	Assigned to Horde Developers

02/16/2006 09:40:03 AM	Jan Schneider	Comment #10	Reply to this comment
I don't think we should do anything about senseless CNs. It's sad the the Thawte certs don't contain a useful value, but need to rely on that, because certs are tied to the cert's subject, not to the sender of the cert. That being said, we should fix IMP too, because in the message view it shows the sender's name, not the cert's name in the link to save the cert. The correct name/address is used in the verification message though.

02/16/2006 05:30:23 AM	Matt Selsky	Comment #9	Reply to this comment
Should we attempt to do anything about "dumb" CN's in the certificate subject? I have a certificate from a UWisc user and the CN="Joe user", but I also have a Thawte Freemail certificate where the CN="Thawte Freemail Member". Thawte may be the only CA that does this...

02/15/2006 10:41:11 PM	Jan Schneider	Comment #8	Reply to this comment
How should we deal with multiple email addresses? Create multiple accounts? I'd say we should look for a match, and add the certificate to the first matching address if there is one. If there's no match, create an entry for the first address listed in the cert. But the user might want to use any of the addresses this cert is valid for. So he needs multiple entries in his address book.

02/15/2006 07:19:34 PM	Matt Selsky	Comment #7	Reply to this comment
Match the From address and the certification subject? Should we also use the From address for the name field? The name in the certificate is useless for this certificate at least. Do other S/MIME certificates have better data in that field?

02/15/2006 07:13:31 PM	Chuck Hagenbuch	Comment #6	Reply to this comment
How should we deal with multiple email addresses? Create multiple accounts? I'd say we should look for a match, and add the certificate to the first matching address if there is one. If there's no match, create an entry for the first address listed in the cert.

02/15/2006 08:36:19 AM	Jan Schneider	Comment #5 Assigned to Matt Selsky	Reply to this comment
Assigned ticket should always be assigned to someone.

02/15/2006 08:35:10 AM	Jan Schneider	Comment #4	Reply to this comment
The Turba addField code assumes that there will only be one email address in the certificate subject. How should we deal with multiple email addresses? Create multiple accounts?

02/15/2006 03:31:34 AM	Matt Selsky	Comment #3 State ⇒ Assigned	Reply to this comment
I fixed the undefined index problem for History objects in Horde 3.1 and HEAD. The S/MIME problem still exists.

02/15/2006 01:52:23 AM	Matt Selsky	Comment #2	Reply to this comment
Note the link in IMP has this text: Click to Save S/MIME certificate of Matthew Murphy <mattmurphy@kc.rr.com> in your Address Book. The certificate Subject is as follows: Subject: CN=Thawte Freemail Member/emailAddress=mattmurphy@kc.rr.com/emailAddress=mrm565s@smsu.edu/emailAddress=Matthew007@MissouriState.edu The Turba addField code assumes that there will only be one email address in the certificate subject. How should we deal with multiple email addresses?

02/15/2006 01:43:20 AM	Matt Selsky	Comment #1 Priority ⇒ 1. Low State ⇒ Unconfirmed Queue ⇒ IMP Type ⇒ Bug Summary ⇒ Saving S/MIME certificate to address book fails	Reply to this comment
I click on the "Save S/MIME certificate ... to address book" link in IMP and the resulting entry in turba looks like: Name: Thawte Freemail Member Email: Array S/MIME Public Certificate -----BEGIN CERTIFICATE----- ....Valid certificate.... -----END CERTIFICATE----- Also, viewing the entry in Turba shows the following errors: Notice: Undefined index: history_action in /etc/httpd/htdocs/horde/framework/History/History.php on line 346 Notice: Undefined index: history_desc in /etc/httpd/htdocs/horde/framework/History/History.php on line 347 Notice: Undefined index: history_who in /etc/httpd/htdocs/horde/framework/History/History.php on line 348 Notice: Undefined index: history_id in /etc/httpd/htdocs/horde/framework/History/History.php on line 349 Notice: Undefined index: history_ts in /etc/httpd/htdocs/horde/framework/History/History.php on line 350 Notice: Undefined index: history_extra in /etc/httpd/htdocs/horde/framework/History/History.php on line 351