Send S/MIME signed message
Gmail mangles S/MIME signed messages differently http://fossaguard.blogspot.com/2020/04/smime-signed-messages-support-in-gmail.html
SignedDataby restricting access to the signature (since G Suite uses this format to sign messages)
multipart/signedby rearranging MIME parts of the message converting to
The following approach has been implemented to send S/MIME signed emails:
*@gmail.comaddresses multipart/mixed format used with
smime.p7mattachment which contains original S/MIME multipart/signed message with signature due to the following reasons:
- User will be able to see message content, files without any extension
- User will be able to view content, files of the original message with the digital signature using of Fossa Guard
- to all other addresses a standard S/MIME
SignedDataformat due to the following reasons:
- G Suite accounts use custom domains,
- G Suite uses
SignedDataformat internally for S/MIME signed messages
- Gmail doesn't mangle message to external addresses
Signature status indication
When User opens S/MIME signed message in Gmail UI Fossa Gard extension tries to verify the signature
Once S/MIME signature verified the corresponding status is indicated.
Fossa Guard replaces the content of the message by the original read from
A new button `View Original Message` becomes available to open the email in Fossa Guard View dialog with original message content and original attachments
- The attached certificate chain is not used in the email signature verification procedure until added to the list of trusted.
- Email signature verification is performed per email Sent date.