An­droid Wish­list: The EMail-​App

Things I do not like with An­droid, and what I would ex­pect in­stead.

The EMail-​App

 This is about the nor­mal EMail App on a stock An­droid 3.1, not about GMail. The con­nec­tion is via IMAP.

  • By de­fault the most re­cent EMail is on top. If I switch to oldest-​first or­der, the old­est EMail is shown when en­ter­ing a folder. I want to see the most re­cent one. If I let the most-​recent or­der, I see dir­ectly the new­est mes­sages, but when I read the old­est un­read mes­sage and de­lete it, the more old mes­sage is dis­played, in­stead of the more re­cent one. KMail is do­ing this bet­ter (it is able to go “up” in­stead of only “down” to go to the more re­cent mes­sage when the most re­cent mail is sor­ted on top), but in KMail I can not se­lect mul­tiple mes­sages as easy as with the nor­mal EMail App (it seems I have to long-​tap on a mail and then tell to se­lect the EMail, and just then I can just quickly tab on the very small area on the left of the sub­ject to se­lect more EMails).
  • Se­lect­ing mes­sages could also be im­proved. When I se­lect sev­er­al mes­sages, and then – by ac­ci­dent – enter a mes­sage and want to go back, the first “go back” un­se­lects all mes­sages and the second “go back” goes back to the folder-​view. I would like to go back dir­ectly to the folder-​view, in­stead of un­se­lect­ing all mes­sages.
  • The folder-​view it­self is also not nice. I have a lot of folders. IMAP sub­folders are sep­ar­ated by a dot, e.g. FreeBSD.arch and FreeBSD.mul­ti­me­dia are the sub­folders arch and mul­ti­me­dia in the folder FreeBSD. Each desktop EMail pro­gram I used so far was in­tel­li­gent enough to cre­ate a folder-​hierarchy out of this, with the pos­sib­il­ity to col­lapse the dis­play of all sub­folders of FreeBSD (I have a lot there, not only those 2) in­to one entry. If I want to field some­thing in my hier­arch­ic­al folder struc­ture, I have to scroll a long list of folders, in­stead of just (auto-)opening (dur­ing drag&drop) the cor­rect hier­archy.
  • I do not find an op­tion to tell that the App shall have a look at more than the de­fault in­box to look for new mes­sages. If I want to know if there is a new mes­sage in one of the oth­er folders, I must have a look in­to the folder(s).
  • It looks like I can only pro­duce TOFU-​replies, I have not found a way to do a prop­er interleaved-​style reply.
  • The er­ror mes­sages when set­ting up an out­go­ing (and I as­sume in­com­ing) serv­er are too brief for my taste. As a de­fault it is OK, but there should be an op­tion to en­able more verbose/​technical er­ror mes­sages for those which are able to un­der­stand them.
  • It does not op­tion­ally save send mails to a spe­cif­ic (con­fig­ur­able) folder.
  • It does not al­low to cryptocally sign mes­sages (at the mo­ment I do not really care if it is via S/​MIME or via PGP).
  • I also would like to tab with two fin­gers, and the text in-​between is se­lec­ted (not only in the EMail-​App).

IBM HTTP Serv­er (7) and Ver­isign In­ter­me­di­ate Cer­ti­fic­ates

I was fight­ing with the right way to add a re­cent Ver­isign cer­ti­fic­ate to a key­store for the IBM HTTP Serv­er (IHS). I have used the ikey­man util­ity on Sol­ar­is.

The prob­lem in­dic­at­or was the er­ror mes­sage “SSL0208E: SSL Hand­shake Failed, Cer­ti­fic­ate val­id­a­tion er­ror” in the SSL log of IHS.

The IBM web­sites where not really help­ful to track down the prob­lem (the miss­ing stuff). The Ver­isign in­struc­tions did not lead to a work­ing solu­tion either.

What was done be­fore: the Ver­isign In­ter­me­di­ate Cer­ti­fic­ates where im­por­ted as “Sign­er Cer­ti­fic­ates”, and the cer­ti­fic­ate for the web­serv­er was im­por­ted with­in “Per­son­al Cer­ti­fic­ates”. Without the sign­er cer­ti­fic­ates the per­son­al cer­ti­fic­ate would not im­port due to an in­ter­me­di­ate cer­ti­fic­ated miss­ing (no val­id trust-​chain).

What I did to re­solve the prob­lem:

  •  I re­moved all Ver­isign cer­ti­fic­ates.
  •  I ad­ded the Ver­isign Root Cer­ti­fic­ate and the Ver­isign In­ter­me­di­ate Cer­ti­fic­ate A as a sign­er cer­ti­fic­ate (use the “Add” but­ton). I also tried to add the Ver­isign In­ter­me­di­ate Cer­ti­fic­ate B, but it com­plained that some part of it was already there as part of the In­ter­me­di­ate Cer­ti­fic­ate A. I skipped this part.
  •  Then I con­ver­ted the serv­er cer­ti­fic­ate and key to a PKS12 file via “openssl pkcs12 -ex­port -in server-cert.arm -out cert-for-ihs.p12 -in­key server-key.arm -name name_​for_​cert_​in_​ihs”.
  • After that I im­por­ted the cert-for-ihs.p12 as a “Per­son­al Cer­ti­fic­ate”. The im­port dia­log of­fers 3 items to im­port. I se­lec­ted the “name_​for_​cert_​in_​ihs” and the one con­tain­ing “cn=verisign class 3 pub­lic primary cer­ti­fic­a­tion au­thor­ity – g5” (when I se­lec­ted the 3rd one too, it com­plained that a part of it was already im­por­ted with a dif­fer­ent name).

With this mod­i­fied key­store in place, I just had to se­lect the cer­ti­fic­ate via “SSLServer­Cert name_​for_​cert_​in_​ihs” in the IHS con­fig and the prob­lem was fixed.