no bug - Bumping Thunderbird l10n changesets r=release a=l10n-bump DONTBUILD
af -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ar -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ast -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
be -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
bg -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
br -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ca -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
cak -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
cs -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
cy -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
da -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
de -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
dsb -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
el -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
en-CA -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
en-GB -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
es-AR -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
es-ES -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
es-MX -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
et -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
eu -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
fi -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
fr -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
fy-NL -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ga-IE -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
gd -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
gl -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
he -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
hr -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
hsb -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
hu -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
hy-AM -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
id -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
is -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
it -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ja -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ja-JP-mac -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ka -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
kab -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
kk -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ko -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
lt -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
lv -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
mk -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ms -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
nb-NO -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
nl -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
nn-NO -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
pa-IN -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
pl -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
pt-BR -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
pt-PT -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
rm -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ro -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
ru -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
sk -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
sl -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
sq -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
sr -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
sv-SE -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
th -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
tr -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
uk -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
uz -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
vi -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
zh-CN -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
zh-TW -> 2ffb10216e3a4cfcfa5f3dbce157d0e42b9ed6c9
<?xml version="1.0" encoding="utf-8"?><!-- This Source Code Form is subject to the terms of the Mozilla Public - License, v. 2.0. If a copy of the MPL was not distributed with this - file, You can obtain one at http://mozilla.org/MPL/2.0/. --><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"[ <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" > %brandDTD;]><htmlxmlns="http://www.w3.org/1999/xhtml"><head><title>Signing & Encrypting Messages</title><linkrel="stylesheet"href="helpFileLayout.css"type="text/css"/></head><body><h1id="signing_and_encrypting_messages">Signing & Encrypting Messages</h1><divclass="contentsBox">In this section:<ul><li><ahref="#about_digital_signatures_and_encryption">About Digital Signatures & Encryption</a></li><li><ahref="#getting_other_peoples_certificates">Getting Other People's Certificates</a></li><li><ahref="#configuring_security_settings">Configuring Security Settings</a></li><li><ahref="#signing_and_encrypting_a_new_message">Signing & Encrypting a New Message</a></li><li><ahref="#reading_signed_and_encrypted_messages">Reading Signed & Encrypted Messages</a></li><li><ahref="#message_security_compose_window">Message Security - Compose Window</a></li><li><ahref="#message_security_received_message">Message Security - Received Message</a></li></ul></div><h2id="about_digital_signatures_and_encryption">About Digital Signatures & Encryption </h2><p>When you compose a mail message, you can choose to attach your digital signature to it. A <ahref="glossary.xhtml#digital_signature">digital signature</a> allows recipients of the message to verify that the message really comes from you and hasn't been tampered with since you sent it.</p><p>When you compose a mail message, you can also choose to encrypt it.<ahref="glossary.xhtml#encryption">Encryption</a> makes it very difficult for anyone other than the intended recipient to read the message while it is in transit over the Internet.</p><p>Signing and encryption are not available for newsgroup messages.</p><p>Before you can sign or encrypt a message, you must take these preliminary steps:</p><ol><li>Obtain one or more <ahref="glossary.xhtml#certificate">certificates</a> (the digital equivalents of ID cards). For details, see<ahref="using_certs_help.xhtml#getting_your_own_certificate">Getting Your Own Certificate</a>.</li><li>Configure the security settings for your email account. For details, see<ahref="mailnews_account_settings.xhtml#security">Configuring Your Security Settings</a>.</li></ol><p>Once you have completed these steps, you can complete the instructions in<ahref="#signing_and_encrypting_a_new_message">Signing & Encrypting a New Message</a>.</p><p>The sections that follow provide a brief overview of how digital signatures and encryption work. For more technical details on this subject, see the online document<ahref="http://developer.mozilla.org/en/Introduction_to_Public-Key_Cryptography">Introduction to Public-Key Cryptography</a>.</p><h3id="how_digital_signatures_work">How Digital Signatures Work</h3><p>A digital signature is a special code, unique to each message, created by means of <ahref="glossary.xhtml#public-key_cryptography">public-key cryptography</a>.</p><p>A digital signature is completely different from a handwritten signature, although it can sometimes be used for similar legal purposes, such as signing a contract.</p><p>To create a digital signature for an email message that you are sending, you need two things:</p><ul><li>A <ahref="glossary.xhtml#signing_certificate">signing certificate</a> that identifies you for this purpose. Every time you sign a message, your signing certificate is included with the message. The certificate includes a <ahref="glossary.xhtml#public_key">public key</a>. The presence of the certificate in the message permits the recipient to verify your digital signature.<p>Your certificate is a bit like your name and phone number in the phonebook—it is public information that helps other people communicate with you.</p></li><li>A <ahref="glossary.xhtml#private_key">private key</a>, which is created and stored on your computer when you first obtain a certificate.<p>Your private key for a signing certificate is protected by your<ahref="glossary.xhtml#master_password">Master Password</a>, and the&brandShortName; program does not disclose it to anyone else. The Mail& Newsgroup software uses your private key to create a unique, verifiable digital signature for every message you choose to sign.</p></li></ul><h3id="how_encryption_works">How Encryption Works</h3><p>To encrypt an email message, you must have an<ahref="glossary.xhtml#encryption_certificate">encryption certificate</a> for each of the message's recipients. The public key in each certificate is used to encrypt the message for that recipient.</p><p>If you don't have a certificate for even a single recipient, the message cannot be encrypted.</p><p>The recipient's software uses the recipient's private key, which remains on that person's computer, to decrypt the message.</p><p>[<ahref="#signing_and_encrypting_messages">Return to beginning of section</a>]</p><h2id="getting_other_peoples_certificates">Getting Other People's Certificates</h2><p>Every time you send a digitally signed message, your encryption certificate is automatically included with the message. Therefore, one of the easiest ways to obtain someone else's certificate is for that person to send you a digitally signed message.</p><p>When you receive such a message, the person's certificate is automatically stored by the <ahref="certs_help.xhtml">Certificate Manager</a>, which is the part of the browser that keeps track of certificates. This is useful because you need to have a certificate for each recipient of any email message that you want to send in encrypted form.</p><p>Another way to obtain certificates is to look them up in a public directory, such as the <q>phonebook</q> directories maintained by many companies.</p><p>It's also possible to look up certificates automatically. This feature is controlled by<ahref="mailnews_preferences.xhtml#addressing_preferences">Mail & Newsgroups Preferences - Addressing</a> or<ahref="mailnews_account_settings.xhtml#addressing">Mail & Newsgroups Account Settings - Addressing</a>, which can be configured to look up recipients' email addresses in a directory.</p><p>When you are using any account that is configured to look up addresses in a directory, the same directory will be searched for matching certificates when you attempt to send an encrypted message to one or more recipients for whom you don't have certificates on file.</p><p>The directory will also be searched for missing certificates when you open the drop-down menu below the Security icon in the Compose window and choose View Security Info.</p><p>[<ahref="#signing_and_encrypting_messages">Return to beginning of section</a>]</p><h2id="configuring_security_settings">Configuring Security Settings</h2><p>Once you have obtained an email certificate (or certificates), you must specify the certificates you want to use for signing and encrypting messages.</p><p>For information about obtaining email certificates, see<ahref="using_certs_help.xhtml#getting_your_own_certificate">Getting Your Own Certificate</a>.</p><p>To specify which signing and encryption certificates to use with a particular account, begin from the Mail window:</p><ol><li>Open the Edit menu and choose Mail & Newsgroups Account Settings.</li><li>Click Security under the name of the mail account whose security settings you want to configure.</li><li>Under Digital Signing, click Select. (You may be asked to provide your<ahref="glossary.xhtml#master_password">Master Password</a> before you can proceed further.)<p>A dialog box appears that allows you to select from among your available signing certificates.</p></li><li>Choose the signing certificate you want to use, then click OK.</li><li>Follow the same steps under Encryption: click the Select button, select the encryption certificate you want to use, and click OK.</li><p>In some cases you may be able to specify the same certificate under Encryption that you specified under Digital Signing; check with your system administrator to find out for sure.</p></ol><p>Optionally, you can also indicate that you normally want to sign or encrypt all messages sent from a particular account. These account-specific settings are for convenience only; you can override the default settings for individual messages.</p><p>To configure your default signing and encryption settings, start from the Security panel for the account (described above) and select your settings as follows:</p><ul><li>Under Digital Signing:<ul><li><strong>Digitally sign messages</strong>: When this checkbox is selected, all the messages you send from this account will be digitally signed unless you indicate otherwise before you send the message. To turn off this default setting, deselect the checkbox.</li></ul></li><li>Under Encryption (choose one):<ul><li><strong>Never</strong>: When this option is selected, messages you send from this account will be not be encrypted unless you indicate otherwise before you send them.</li><li><strong>Required</strong>: When this option is selected, all the messages you send from this account will be encrypted—but only if you have valid certificates for each of the message's recipients. If you don't have all the necessary certificates, the message can't be sent unless you turn off encryption for that message.</li></ul></li></ul><p>When you have finished configuring your mail security settings, click OK to confirm them.</p><p>[<ahref="#signing_and_encrypting_messages">Return to beginning of section</a>]</p><h2id="signing_and_encrypting_a_new_message">Signing & Encrypting a New Message</h2><p>Before you can digitally sign or encrypt any message, you must obtain at least one email certificate and configure your mail security settings correctly. For background information on these tasks, see<ahref="#about_digital_signatures_and_encryption">About Digital Signatures& Encryption</a>.</p><p>The settings specified in<ahref="mailnews_account_settings.xhtml#security">Mail & Newsgroups Account Settings - Security</a> determine the default settings for each new Compose window you open when you set out to write an email.</p><p>To open a Compose window, start from the Mail window and click Compose. You can immediately identify the default security settings from the presence or absence of these icons near the lower-right corner of the window:</p><table><tr><td><imgsrc="chrome://messenger/skin/smime/icons/hdrSignOk.gif"alt="digital signature icon"/></td><td>The message will be digitally signed (assuming you have a valid email certificate that identifies you).</td></tr><tr><td><imgsrc="chrome://messenger/skin/smime/icons/hdrCryptoOk.gif"alt="encryption icon"/></td><td>The message will be encrypted (assuming you have valid certificates for all recipients).</td></tr></table><p>To turn these settings off or on, click the arrow just below the Security icon in the Mail toolbar near the top of the window. Then select the item you want from the drop-down list:</p><ul><li><strong>Do Not Encrypt This Message</strong>: Choose this to turn off encryption for this message. The message will not be encrypted when it is sent over the Internet.</li><li><strong>Encrypt This Message</strong>: Choose this to turn on encryption for this message. The message will be sent in encrypted form. However, it can't be sent unless you have valid certificates for all recipients.</li><li><strong>Digitally Sign This Message</strong>: Choose this to turn digital signing on or off for this message. A checkmark indicates the message will be signed.</li><li><strong>View Security Info</strong>: Choose this to view detailed information about the security status of this message—to help you determine, for example, whether you need to obtain a certificate for one of the recipients.</li></ul><p>To view detailed information about the message's security status, you can also click the key or lock icon as described in<ahref="#message_security_compose_window">Message Security - Compose Window</a>.</p><p>[<ahref="#signing_and_encrypting_messages">Return to beginning of section</a>]</p><h2id="reading_signed_and_encrypted_messages">Reading Signed & Encrypted Messages</h2><p>When you view a signed or encrypted message in the Mail window, these icons near the upper-right corner of the message header indicate the security status of the message:</p><table><tr><td><imgsrc="chrome://messenger/skin/smime/icons/hdrSignOk.gif"alt="digital signature icon"/></td><td>The message is digitally signed and has been validated. If there is a problem with the signature, the pen is broken.</td></tr><tr><td><imgsrc="chrome://messenger/skin/smime/icons/hdrSignUnknown.gif"alt="unknown icon"/></td><td>The message is signed, but it has a large attachment that has not yet been downloaded from the IMAP server. As a result, the signature cannot be validated. Click the icon to download the attachment and validate the signature.</td></tr><tr><td><imgsrc="chrome://messenger/skin/smime/icons/hdrCryptoOk.gif"alt="encryption icon"/></td><td>The message is encrypted. If there is a problem with the encryption, the key is broken.</td></tr></table><p>For information about certificate validation, see<ahref="using_certs_help.xhtml#controlling_validation">Controlling Validation</a>.</p><p>To see more detailed information about the message's security, click the key or lock icon, or follow the instructions in<ahref="#message_security_received_message">Message Security - Received Message</a>.</p><p>[<ahref="#signing_and_encrypting_messages">Return to beginning of section</a>]</p><h2id="message_security_compose_window">Message Security - Compose Window</h2><p>This section describes the Message Security window that you can open for any message you are composing. If you're not already viewing Message Security, click the Security icon in the toolbar of the Compose window.</p><p>The Message Security window describes how your message will be sent:</p><ul><li><strong>Digitally Signed</strong>: This line describes whether your message will be signed. There are three possibilities:<ul><li><strong>Yes</strong>: Digital signing has been enabled for this message, you have a valid certificate identifying you, and the message can be signed.</li><li><strong>No</strong>: Digital signing has been disabled for this message.</li><li><strong>Not possible</strong>: Digital signing has been enabled for this message. However, a valid<ahref="glossary.xhtml#certificate">certificate</a> identifying you for this purpose is not available, or there is some other problem that makes signing impossible.</li></ul></li><li><strong>Encrypted</strong>: This line describes whether your message will be encrypted. There are three possibilities:<ul><li><strong>Yes</strong>: Encryption has been enabled for this message, valid certificates for all listed recipients are available, and the message can be encrypted.</li><li><strong>No</strong>: Encryption has been disabled or is not possible for this message.</li><li><strong>Not possible</strong>: Encryption has been enabled for this message. However, a valid certificate for at least one of the listed recipients is not available, or no recipients are listed, or there is some other problem that makes encryption impossible.</li></ul></li></ul><p>When you compose a message and select a different account, the signing and encryption preferences are updated to reflect the settings of the newly selected account.</p><p>The Message Security window also lists the certificates available for the recipients of your message:</p><ul><li><strong>View</strong>: To view the details for any certificate in the list, select its name, then click View.</li></ul><p>For more information about obtaining certificates and configuring message security settings, see <ahref="#signing_and_encrypting_messages">Signing& Encrypting Messages</a>.</p><p>To indicate your signing or encryption choices for an individual message, click the arrow beside the Security button in the Compose window, then select the options you want.</p><p>To indicate your default signing and encryption preferences for all messages, see <ahref="mailnews_account_settings.xhtml#security">Mail & Newsgroups Account Settings - Security</a></p><p>[<ahref="#signing_and_encrypting_messages">Return to beginning of section</a>]</p><h2id="message_security_received_message">Message Security - Received Message</h2><p>This section describes the Message Security window that you can open for any message you have received. If you're not already viewing Message Security for a received message, follow these steps:</p><ol><li>In the Mail window, select the message for which you want to view security information.</li><li>Open the View menu and choose Message Security Info.</li></ol><p>The Message Security window displays the following information:</p><ul><li><strong>Digital Signature</strong>: The top section describes whether the message is digitally signed and if so, whether the signature is valid.</li><p>If validation failed while OCSP was enabled, check the OCSP settings in<ahref="certs_prefs_help.xhtml#privacy_and_security_preferences_certificates">Privacy& Security Preferences - Certificates</a>. If you are not familiar with OCSP, confirm the settings with your system administrator. If your settings are correct, there may be a problem with the OCSP service or the certificate used to create the signature is no longer valid.</p><p>If the signature is invalid because of a problem with a certificate's trust settings, you can use the <ahref="certs_help.xhtml">Certificate Manager</a> to view or edit those settings.</p><li><strong>View Signature Certificate</strong>: If the message is signed, click this button to view the certificate that was used to sign it.</li><li><strong>Encryption</strong>: The bottom section reports whether the message is encrypted and any decrypting problems.<ul><li>If the message's contents have been altered during transit, you should ask the sender to resend it. The changes may have been caused by network problems.</li><li>If a copy of your own certificate (used by the sender to encrypt the message) is not available on your computer, the private key required to decrypt the message cannot be retrieved. The only solution is to import a backup copy of your certificate and its private key (see<ahref="certs_help.xhtml#your_certificates">Your Certificates</a> for details.) If you don't have access to a backup certificate, you will not be able to decrypt the message.</li></ul></li></ul><p>[<ahref="#signing_and_encrypting_messages">Return to beginning of section</a>]</p></body></html>
