You are currently viewing a snapshot of taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to, please file a bug.

rough architecture notes for PGP & S/MIME integration with mozilla mail & news,,

goal: how to extend mozilla mail & news (specifically the UI, mime and compose) to allow for PGP, S/MIME, etc.

see bug #22687 for some context.


core: UI hooks for "apply transformation to this message". examples: "sign this message", "encrypt this message"
core: pipeling of converters. why? a message can be signed and encrypted
core: expressing and retrieving converters. X-MOZILLA-CONVERTERS header. comma seperated list of converter prog-ids

converters. just like html->text converters, we need to support rfc/822 -> "type" converters.

the implementor of the converter will do the work
example: the "sign message" converter will take rfc/822 message and convert it to a S/MIME message with a new part, the signed part.
they could also append headers and footers to the body, if they wanted. (PGP needs this?)

open issues:

1)  apply transformartions on send. drafts and unsent messages are stored "in the clear". on actual send, we look at the X-MOZILLA-CONVERTERS header and do the transformation. Is this what 4.x did?

Eran Tromer <> writes: "The transformation may require user interaction, e.g., password entry for signing. When messages are queued for later sending ("Unsent Messages"), this interaction should occur when queuing. Delaying this interaction to actual sending is inconvenient and also poses security risks (unsent messages may be modified and then signed without re-inspection)."

I need to see what existing clients (like 4.x) do in this case.

2) what if the converter needs to do a blocking task, like get a cert from a server?  does the converter run on the UI thread?  (ask mscott)


core: UI hooks for "state" of the message. "signed". "encrypted". access to the lock icon?
top level: stream converters. S/MIME -> rfc/822
for parts, need mime content handler for types. see vcard handler

open issues:

1) forwarding an encrypted message?
2) standards for content type S/MIME. PGP. GPG. OpenPGP.
3) Eudora and Outlook, etc. what do we need to do to support reading encrypted message from other clients?

[signed [encrypted [ rfc/822]]