Vanwege onderhoudswerkzaamheden die uw ervaring zouden moeten verbeteren, heeft deze website beperkte functionaliteit. Als een artikel uw probleem niet verhelpt en u een vraag wilt stellen, kan onze ondersteuningsgemeenschap u helpen in @FirefoxSupport op Twitter en /r/firefox op Reddit.

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

Encrypted email shows up decrypted when recieved from collegues account where it was sent to, w/o his private cert installed

  • 3 antwoorden
  • 1 heeft dit probleem
  • 7 weergaven
  • Laatste antwoord van Matt

more options

I have 2 email accounts in Thunderbird 24.5.0. Account 1: My Account, s/mime and certs properly setup for signature/encryption Account 2: Collegues Account, no s/mime etc. set up, no private cert installed in thunderbird. He has his certificates of course.

When I send an encrypted email from my account (1) to my collegues account (2), and I receive this email from his account (2) in my Thunderbird it comes up _de_crypted in my inbox. How is that possible w/o having his private certificate installed? Also in certificate manager I only have my certificates installed. Also in the sent box the message shows up decrypted, but source only shows the encrypted message.

If I understood encryption properly I use his public key/cert (wich I automatically get from a server) to encrypt a message to him. This message can only be decrypted using his private key/cert. Without me having his private key/cert installed I, as for my understanding, should not be able to read the email I have sent to him when I receive it in my thunderbird (ir in sent items)?

Is TB somehow recognizing that I myself had the message encrypted and therefor displays it decrypted when I receive it from my collegues account? It shows the message in clear text in send objects too even though the source is encrypted. What mechanism is behind that? Again, w/o my collegues private cert/key I should, as for my understanding, not be able to read the mail, neither in sent nor inbox...

Thanks a lot, Oliver

I have 2 email accounts in Thunderbird 24.5.0. Account 1: My Account, s/mime and certs properly setup for signature/encryption Account 2: Collegues Account, no s/mime etc. set up, no private cert installed in thunderbird. He has his certificates of course. When I send an encrypted email from my account (1) to my collegues account (2), and I receive this email from his account (2) in my Thunderbird it comes up _de_crypted in my inbox. How is that possible w/o having his private certificate installed? Also in certificate manager I only have my certificates installed. Also in the sent box the message shows up decrypted, but source only shows the encrypted message. If I understood encryption properly I use his public key/cert (wich I automatically get from a server) to encrypt a message to him. This message can only be decrypted using his private key/cert. Without me having his private key/cert installed I, as for my understanding, should not be able to read the email I have sent to him when I receive it in my thunderbird (ir in sent items)? Is TB somehow recognizing that I myself had the message encrypted and therefor displays it decrypted when I receive it from my collegues account? It shows the message in clear text in send objects too even though the source is encrypted. What mechanism is behind that? Again, w/o my collegues private cert/key I should, as for my understanding, not be able to read the mail, neither in sent nor inbox... Thanks a lot, Oliver

Bewerkt door OliverBN op

Alle antwoorden (3)

more options

you are aware certificates are added automatically upon receipt? ie digitally signed mail adds the certificate when viewed. You obviously have your friends certificate installed, as you can not encrypt a message without is being already installed. The encryption uses their public key.

more options

Hi Matt,

I'm fully aware that I use my collegues public key to encrypt the message I send to him. But I would need his private key to display it decrypted. However when receive an email from his account, wich was sent from mine and encrypted with his public key from my side, it shows the decrypted message in my inbox and sent items. How does TB display the decrypted message from my collegues account w/o me having his private cert? If one could decrypt the public key encrypted message with the public key it would render the encryption system useless. So TB must store the pre-encrypted message somewhere and recognize, upon receiving it, that its actually the same message sent from the same thunderbird installation.

I assume that based on the following: When I send an email from my collegues computer from his account to his account and encrypt it, it shows the expected "message can't be decrypted"-message when I receive it on my computer. So the reason for displaying the decrypted/non-encrypted message must be that TB stored the uncrypted content somewhere and recognize it's the same email upon receive.

Greets, Oliver

more options

it would be in the sent folder.