GPG/PGP Encryption
Mark Dehus
dehus at csel.cs.colorado.edu
Wed Feb 15 18:49:37 CET 2006
My suggestion would be to wait for the plugin architecture to be
developed and then do encryption/decryption as a plugin. That way it
leaves things more open for the user to decide what they want to use
(example one could have a plugin that uses openssl instead of PGP). IMHO
encryption is more of an extension then something that should be added
to the core base of the webmail client.
Mark
Bradley Holt wrote:
>Sorry, should have thought of this as well in my first e-mail:
><http://pecl.php.net/package/gnupg>. Thoughts on relying on PECL
>packages?
>
>--
>Bradley Holt
>
>On 2/15/06, Bradley Holt <bradley.holt at gmail.com> wrote:
>
>
>>I noticed that support for GPG/PGP encryption was on the RoundCube
>>roadmap as a planned feature. I, for one, think this would be an
>>awesome feature to have in a webmail client. It does bring up some
>>issues with storing private keys for signing purposes. I guess users
>>would just have to trust their webmail provider with securing their
>>private keys.
>>
>>One possibility would be to implement the feature in two phases:
>>message encryption first since it relies on public keys only and then
>>message signing which relies on private keys. This project is
>>abandoned <http://freshmeat.net/projects/openpgpwebmail/> but might be
>>able to be gutted and reused for the message encryption portion of the
>>problem. It looks like it's under the GNU GPL just as RoundCube is so
>>using code from it shouldn't be a problem.
>>
>>If I get some time I may try and see if I can graft some GPG/PGP
>>features in to RoundCube. My initial idea would be to make these
>>features dependent on GnuPG. Thoughts?
>>
>>--
>>Bradley Holt
>>
>>
>>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.roundcube.net/pipermail/dev/attachments/20060215/b89feb88/attachment.html>
More information about the Dev
mailing list