One problem with signing e-mail messages with S/MIME is that when the certificate expiring date is outdated the information of the certificate will be shown as it becoming invalid.
It would be nice for Thunderbird to download some Secure TimeStamp from Mozilla servers with no expiring date, and attached to the message in the database from the messages received if they don't contain a valid Secure TimeStamp on them.
When receiving the message the client would contact the OCSP / CRL and verify it there isn't anything wrong with the certificate, and if nothing is wrong it should get a secure timestamp for the message or accept the one included, if any is present.
These should allow Mozilla to show messages properly signed with S/MIME as valid for longer time, at least until de root certificate expires.