[Fwd: Bugmail is less secure than Bug views]

byron bugzilla at glob.com.au
Tue Jun 12 14:04:52 UTC 2007


> This is an email forwarded with permission from the Mozilla security 
> group mailing list, on the subject of the fact that Bugzilla access is 
> now SSL-protected, but bugmail is still transmitted in the clear.


i recon we should implement this as a bugzilla plugin -- pass the
message to an external handler after it has been packaged in mime for
modification, then deliver the modified content.

it can then use whatever's appropiate to sign the message .. call
openssl, pgp, .net, ...


-b


begin-base64 644 signature.gif
R0lGODlhbQAHAIAAAABPo////ywAAAAAbQAHAAACfAxuGAnch+Bibkn7FL1p
XgVl4Ig1jjlZRoqybgun2Cur5uOunq7u/Ipq7WIyIc7XG9JquEgumPzdlhTf
h0O83kDJaXEm8mRHwXKJy5sac7qYOpT+gtv0n+0ujQOfdqh16caWt0foBViH
N1PRMXimiLUGt3ElVimlgbllWAAAOw==



More information about the developers mailing list