Wow, this is a lot of good information. I will attempt to respond inline with "[*]"
>>> dthornb<dthornb@no-mx.forums.novell.com> 4/29/2009 1:26 PM >>>
::Here is summary of problems on GroupWise v8 Client running on Windows
Vista. This is a recap of the detailed message I tried to send earlier
that was lost, so I might not have remembered everything.::
- ::When viewing a message, if right-click on sender and choose
"*Information*", the contact window doesn't always open, esp. when
the contact has a public certificate stored (trusted).::
[*] When right-clicking on a sender and choosing "Information", whether or not the sender has a public certificate does not enter into the algorithm used to locate the contact. So, this may be a coincidence rather than a cause. The sender is looked up using their GUID (if part of the GroupWise system) and/or email address. The code searches through your name completion search order to attempt to find the contact. When you hover over these users do you see any information for them? Are these problematic users in an address book that is in your name completion search order? Is the format of the email address the same as how it is stored in the address book (i.e. we have seen problems in the past where sender email addresses take the form of user.po.dom@idomain.com instead of the normal format stored in the address book)?
- ::When viewing a contact (e.g., open someone in the address book),
you get a window with 5 tabs. If click on "*Advanced*" tab, then
click on "*Manage Certificates*" button, a window titled "*Contact
Certificates*" opens, but this window is always empty, even if
certificates have been stored (trusted) for that individual. This
behavior differs from the v7 behavior where the contact's
"*Certificates*" tab showed the stored (trusted) certificates for
that contact.::
[*] I can't duplicate this problem with SP1 code. I have not tried with 8.0 shipping; however, I believe that there may have been a potential problem here. In GroupWise 8, we converted the MSCAPI S/MIME module (gwmsb1.dll) to support the UNICODE character set. In so doing, we incidentally changed the certificate store that GroupWise was using to store/retrieve email certificates. Prior to the change we were using "GW"; after the change we were using a store with an unreadable (or Chinese) character. Although this change would essentially appear to have cleared your previous trusted certificates, it did not affect your ability to trust and validate new certificates. In SP1, we reverted the code back to looking in the "GW" certificate store. You can validate whether or not you are affected by this problem by running the certmgr.msc MMC snap-in and looking at the contents of the "GW" store as well as a conspicuous-looking store composed of an unreadable character (i.e. a block) or Chinese character.
- ::Therefore, there is no way to determine before sending an
encrypted message whether you already have a public key certificate
for the recipient.::
- ::Therefore, there is no way to backup the certificates of those
folks for whom you've obtained public keys. Thus, if you have to
switch computers or create a new windows user profile, you can't
easily export/import the certs you've accumulated, thereby
requiring you to re-exchange signed emails or look up the folks in
a public directory. This is not optimal and is a backwards move
from v7.::
- ::If you receive a signed message from someone, then reply to that
individual with an encrypted email without first "trusting" their
certificate, v8 happily sends the message, but the recipient can't
open it because they don't have a corresponding encryption key.::
[*] I'm not sure that I understand what you are saying here. Having received a signed message from someone should give you enough information to encrypt a message back to them regardless of whether or not you trusted their certificate. Even if you haven't trusted the certificate, you still have access to their public key that was sent as part of the signed message. Can you provide more information about the problem here?
- ::Sometimes when you open the first signed message from an
individual, the window shows a Red bar with a warning message about
"security errors" advising you to click the red bar. Other times,
you don't see this red bar, but only see the ribbon/padlock icon to
the right of the subject line. If you click on the red bar or the
icon, you get the familiar security properties window akin to v7 from
which you can choose whether to trust the sender's certificates. I
don't understand why the difference in behavior and what triggers the
red bar. I've observed that with the red bar, the security
properties window does not show any "errors", but rather simply
asks if you want to trust the certificates - this is clearly not an
"error" so the red bar message about errors is confusing.::
- ::In addition, it is no longer obvious that you need to decide
whether to trust a person's certificate. In v7, it always prompted
you, but in v8 it does not. You have to know to click the red bar
or the icon in order to discover if you need to make a trust
decision. This, coupled with #3, makes for easily sending
encrypted messages that can't be opened.::
- ::In addition, the ribbon/padlock icon is small and placed at
the far right of the subject line on the window, so it is easily
overlooked.::
[*] We introduced the red ribbon as a way of informing the recipient of security concerns without interrupting their work flow by popping up a modal message box. We received feedback that people were very annoyed by the message box that popped up every time you touched a message... even when just scrolling through the item list. It made things like keyboard navigation in the list all but impossible due to the endless popping up of security messages.
I agree that the "error" message should do a better job of conveying the nature of the security problem. Certainly, needing to make a trust decision shouldn't look the same as an invalid or expired certificate. I will write a defect on this, but I can't make any promises on whether or not it will make it into SP1.
As far as the icon being in the upper right corner of the message.... I don't believe that this changed in 8. In fact, I don't think that this has changed for a long time. The title of the mail view also indicates that the message is signed or encrypted. Maybe putting the icon next to the sender's name would be more useful. What do you think? Any other suggestions?
- ::When you try to send an encrypted message, a pop-up window
titled "*Select Recipient*" always appears. The instructions on
this window read, "*A recipient with multiple certificates is found,
select one certificate to use:*".::
- ::This message is confusing/wrong, esp. when you've stored
(trusted) only one certificate for the recipient.::
- ::Furthermore, the contents of the window show all of the
certificates you have trusted (stored), rather than just the
certificate(s) corresponding to the recipient. This behavior
differs from v7 in which the association was made automatically and
you only had to choose when you had multiple certificates stored
for the same individual. This is a step backwards from v7 and is
very awkward.::
- ::Continuing #5 above, the situation is much worse when you send
encrypted email to multiple recipients. You get the "*Select
Recipient*" window pop-up separately for each person in the *TO*
field, yet the window does not tell you which person it is asking
about. I have observed that, if I choose the correct people in each
of the dialogs, the message is sent and the recipients can decrypt,
but I'm not sure if the order of selecting certificates is
important - maybe I just got lucky. In any event, it forces you to
remember the folks you've put in the *TO* list, which can be tricky,
and for long *TO* lists, the multiple pop-ups are quite annoying.
Again, this behavior is a major step backwards from v7.::
[*] This was a bug in shipping 8.0 that has already been fixed in SP1. Sorry :(
Any resources to help us better understand how to manage certificates
in GW8 appreciated.
--
dthornb
------------------------------------------------------------------------
dthornb's Profile:
http://forums.novell.com/members/dthornb.html
View this thread:
Manage Certificates in GW8
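The reply above says GroupWise 8.0 stored trusted recipient certificates in a CAPI store with an unreadable name, while 8.0 SP1 (and v7) use the store named "GW", and the original post asks how to back those certificates up. The following PowerShell is an added example, not code from the thread or from Novell: it lists the current user's certificate stores, flags "GW" and any store whose name contains non-printable characters, and exports the public certificates from "GW" as .cer files. It assumes the "GW" store name from the reply and an output folder of its own choosing.

```powershell
# Added example (not from the thread): find the GroupWise certificate store(s)
# and back up the trusted recipient certificates from "GW".
# Assumption: GroupWise keeps trusted S/MIME certificates in the CurrentUser store "GW".

$exportDir = Join-Path $env:USERPROFILE 'gw-cert-backup'   # assumed output folder
New-Item -ItemType Directory -Path $exportDir -Force | Out-Null

# Every CurrentUser store is a registry key under this path; enumerating here shows
# store names exactly as stored, including the unreadable one described in the reply.
$storeRoot = 'HKCU:\Software\Microsoft\SystemCertificates'
foreach ($key in Get-ChildItem -Path $storeRoot) {
    $name  = $key.PSChildName
    $odd   = $name -match '[^\x20-\x7E]'      # any non-printable or non-ASCII character
    $certs = Get-ChildItem -Path "Cert:\CurrentUser\$name" -ErrorAction SilentlyContinue
    $count = @($certs).Count
    if ($name -eq 'GW' -or $odd) {
        # Print the code points so a block/Chinese-character name is still identifiable.
        $codes = ($name.ToCharArray() | ForEach-Object { '{0:X4}' -f [int]$_ }) -join ' '
        $note  = if ($odd) { '  <-- non-printable store name, inspect in certmgr.msc' } else { '' }
        Write-Host ("Store '{0}' (U+{1}): {2} certificate(s){3}" -f $name, $codes, $count, $note)
    }
}

# Export each certificate in "GW" as DER (.cer). Only other people's public
# certificates live here, so no private key material is written to disk.
foreach ($cert in Get-ChildItem -Path 'Cert:\CurrentUser\GW' -ErrorAction SilentlyContinue) {
    $file = Join-Path $exportDir ("{0}.cer" -f $cert.Thumbprint)
    [IO.File]::WriteAllBytes($file,
        $cert.Export([Security.Cryptography.X509Certificates.X509ContentType]::Cert))
    "{0,-50} expires {1:yyyy-MM-dd} -> {2}" -f $cert.Subject, $cert.NotAfter, $file
}
```

On the new machine or profile, the exported .cer files can be imported back into the "GW" store with certmgr.msc (or `certutil -user -addstore GW <file>.cer`), which restores the trust decisions without re-exchanging signed mail.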