[VM] s/mime support?

Discussion:

Arik Mitschang

2010-09-07 00:43:52 UTC

Hi All,

Just wondering if folks have any thoughts on working toward support of
s/mime in VM? I mean something like using the mime capabilities to
recognize "pkcs7-mime" content-types and then running a tool like
openssl on the components of such a message. Or when composing a
message we could have support for s/mime by parsing the recipients and
locating appropriate certificates in a directory with symlinks and
signing capability of course.

If we rely in a big part on external tools (like openssl) it might be
a pretty easy thing to work in, plus speed is really a non-issue here.

Thanks,
~Arik

Tim Cross

2010-09-07 22:27:34 UTC

Permalink

I think s/mime support is probably a good idea in principal. However, I suspect
the difficulty may be in getting consistency across all the platforms VM runs
on, especially if this support will rely on external tools. It is probably
legitimate to explicitly support only some platforms, provided the feature
doesn't cause problems on platforms where it is not supported.

Tim

Post by Arik Mitschang
Hi All,
Just wondering if folks have any thoughts on working toward support of
s/mime in VM? I mean something like using the mime capabilities to
recognize "pkcs7-mime" content-types and then running a tool like
openssl on the components of such a message. Or when composing a
message we could have support for s/mime by parsing the recipients and
locating appropriate certificates in a directory with symlinks and
signing capability of course.
If we rely in a big part on external tools (like openssl) it might be
a pretty easy thing to work in, plus speed is really a non-issue here.
Thanks,
~Arik

--
Tim Cross
***@rapttech.com.au

There are two types of people in IT - those who do not manage what they
understand and those who do not understand what they manage.

Arik Mitschang

2010-09-08 02:40:38 UTC

Permalink

Definitely agree, and I think it's totally reasonable to implement
with external tools with the caveat that a platform without these
tools is implicitly not supported. And since, at least for incoming
messages, the s/mime content is an attachment when the case is not
supported VM would be happy leaving things alone. All we would need
really is to have a variable with the proper command line to generate
a pkcs7 data structure, and conversely something to decompose
one. openssl likely covers the vast majority of systems.

I think the biggest challenge would be the management of certificates
and private keys. Needs some structure, but probably should leave a
lot of choices to the user, i.e. don't go requiring extra private keys
and/or copying existing ones to numerous locations, etc.

Support would obviously be more of a long term goal, since there's a
bit of thought that should go into this, but since a bunch of other
clients already have (at least rudimentary) support, seems like it
would help keep VM competitive.

~Arik

Post by Tim Cross
I think s/mime support is probably a good idea in principal. However, I suspect
the difficulty may be in getting consistency across all the platforms VM runs
on, especially if this support will rely on external tools. It is probably
legitimate to explicitly support only some platforms, provided the feature
doesn't cause problems on platforms where it is not supported.
Tim

--
Tim Cross
There are two types of people in IT - those who do not manage what they
understand and those who do not understand what they manage.
--
Tim Cross
There are two types of people in IT - those who do not manage what they
understand and those who do not understand what they manage.

--
Arik W. Mitschang