Re: [Fed-Talk] Apple Mail and PKI
Re: [Fed-Talk] Apple Mail and PKI
- Subject: Re: [Fed-Talk] Apple Mail and PKI
- From: "Disiena, Ridley (GRC-VG00)[DB Consulting Group, Inc.]" <email@hidden>
- Date: Tue, 01 Jul 2014 19:10:56 +0000
- Thread-topic: [Fed-Talk] Apple Mail and PKI
The issue with the missing locks and user notification that the message is encrypted and or signed has been around for quite some time. I have also noticed the same unpredictable behavior when rebuilding mailbox, it seems to just shuffle the issue around, messages that were incorrectly not displaying the lock would display it, but others that were showing it would loose it. After exploring for similarities in the messages that were affected, we could find no obvious correlation as to what might be throwing the bug, it seemed to be random.
The heavy risk in this bug is that if a user gets an SMIME message and does not know it is encrypted due to no visual indication in the Mail client, when replying there is a very good possibility of data being unintentionally being transferred in a non-encrypted state. Not a good risk to have when talking about SBU, ITAR, PII, etc.
I have been told there were Apple forum threads describing this issue in previous versions of the OS and Mail, but having looked for them again they may have been archived or scrubbed by Apple as I could not find them… they might exist somewhere.
On 5-42014 I filed a bug report on this 16807850, but it was closed as a duplicate of 15788829 on 5-20-2014. I do not know who owns 15788829, and it is not listed in Open Radar. If anyone has any information on the original bug contents and or status, it would be very helpful.
It is difficult not to get discouraged when a ticket is closed as a duplicate. It appears is little recourse once can do to even get information once a ticket is closed as a duplicate due to the closed nature of the bug reporting system.
Ridley DiSiena
On Jul 1, 2014, at 2:40 PM, Martin M. Lindner <email@hidden> wrote:
> I know this has been discussed several times on the list but most recently others I work with and myself have been experiencing interesting behavior with Apple Mail as it relates to PKI.
>
> As a note, the problems don’t appears to be related to smart cards, I can create the problems using both smart cards and soft certs.
>
> So, first the header bar (i.e., to, from, subject) stops displaying the status of messages that are signed and/or encrypted. Sometimes if I rebuild the mailbox it will work for a while but in short order it disappears:(
>
> Second, The “sign” checkbox is active (i.e., is not grayed out) when a create a new message but if I reply to a message it can take MINUTES to be active:(
>
> Lastly, I still can’t explain when and why the “encryption” checkbox becomes active. Given the same reply email address, sometimes it works and sometimes is doesn’t. I’ve submitted multiple tickets but haven’t gotten any feedback from Apple.
>
> Are others experiencing these issues? I’m running 10.9.4 but this has been an issue for a while.
>
> Thanks,
>
> Marty
> Martin Lindner
> Principal Engineer / Information Assurance Manager
> Software Engineering Institute
> Carnegie Mellon University
> Office: +1 412 268-3107
> Email: email@hidden
> Email: email@hidden
>
>
>
>
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden