unable to sign messages with BMPString encoded Certificate

[gzycy2048]

hi,
we got certificates that DNs encoded in BMPString. on thunderbird ,we found out the certificates can't signed message.after select the certificate in security tab in account setting options,the certificate text box show blank.we still can save setting after that. and the security options in mail compose dialog got checked. but when sending or saving the mail, error occurs prompting that sending message failed ,the reason is unable to find the certificate or expired. we got some test certificates that work find.after compare the certificates ,we find out the difference between the certificate is ,DNs of those work find are encoded in UTF8String,but those of not ok are encoded in BMPString.

we understand we may not encode DNs with BMPString anymore,UTF8String is a better choice. but with the VERY-OLD CA,we can't change the encoding type in the next 2 or more years.

and ,we like Thunderbird very much.
so ,we expecting thunderbird can solve this---if this is the case.
thank you so much.

[tanstaafl]

https://bugzilla.mozilla.org/show_bug.cgi?id=386871 seems related. My impression is that this is implemented in the NSS library. That is developed by a different group (and primarily driven by the needs of Firefox users). Given that this problem effects such a small percentage of Thunderbird users (this is the first time I ever heard of BMPString) and the NSS group apparently decided over 4 years ago that the RFC doesn't require them to support that format I think its unrealistic to expect that to get fixed in Thunderbird.