S/MIME: Do not override encryption algorithm settings
In src/smime/lib/e-cert-db.c we have:
static void initialize_nss (void) { /* Use camel_init() to initialise NSS consistently... */ camel_init (e_get_user_data_dir (), TRUE);
/* ... except for the bits we only seem to do here. FIXME */
PK11_SetPasswordFunc (pk11_password);
/* Enable ciphers for PKCS#12 */
SEC_PKCS12EnableCipher (PKCS12_RC4_40, 1);
SEC_PKCS12EnableCipher (PKCS12_RC4_128, 1);
SEC_PKCS12EnableCipher (PKCS12_RC2_CBC_40, 1);
SEC_PKCS12EnableCipher (PKCS12_RC2_CBC_128, 1);
SEC_PKCS12EnableCipher (PKCS12_DES_56, 1);
SEC_PKCS12EnableCipher (PKCS12_DES_EDE3_168, 1);
SEC_PKCS12SetPreferredCipher (PKCS12_DES_EDE3_168, 1);
PORT_SetUCS2_ASCIIConversionFunction (p12u_ucs2_ascii_conversion_function);
}
Which is actually not supported by f.ex. outlook anymore, which currently seems to default to: aes-256-cbc
In general, I think that these should be looked over and "refreshed" - why aren't they available in settings? It's actually quite embarrassing, =)