[RCD] S/MIME encryption and signing plugin

Владимир Горпенко vgo at stels.ru
Mon Jan 11 12:54:45 CET 2016


------ Исходное сообщение ------
От: "A.L.E.C" <alec �� alec.pl>
Кому: dev �� lists.roundcube.net
Отправлено: 11.01.2016 13:39:37
Тема: Re: [RCD] S/MIME encryption and signing plugin

>Storage is the next thing that we could unify and make shared by all
>Enigma drivers. At the moment Enigma uses files, but above I was
>referring to the UI. We have a list of PGP keys. Do we want a separate
>list for certificates or we could merge them on one list?
I believe, everything depends on application. If it is about public 
service, the role of the administrator has to be minimized and the user 
has to do all work on maintaining base of certificates and keys. If it 
is about corporate service, the general address book and base of 
certificates are necessary, but also personal address books and bases of 
certificates are also useful.

>Well, welcome in the server-side encryption word. The same applies to
>PGP keys. In this case we just assume server is safe or not. There's
>really no point (or just no way) in securing private keys stored on the
>server.
Yes, it is impossible to secure the keys which are stored on the server 
completely, of course. However if the private key is stored on the 
server in the form protected by the password, and the user shows the 
password during session, security of private keys will be higher. Here 
even it is necessary to invent nothing, PKCS12 provides such storage of 
keys.

>>  I was also so already strongly beaten out from the schedule. Besides,
>>  there are many of different tasks in which I have to be engaged.
>
>Unfortunately I also have not much time recently to merge your code 
>with
>Enigma. But as you provided the code, I'm sure someone if not me will 
>do
>this eventually.
I think that there is the third approach. If you specify to me: in THIS 
point it is necessary to insert the code transforming the message from 
one form to another, the source message is stored HERE, and the result 
should be received HERE, I probably could write such code. And such 
division would be effective: You would use your knowledge, I - mine.

I am anyway grateful for answers and an explanation of your position.

If it is interesting to you, my plans are as follows:
1. As the working mail system is necessary to me right now, I will use 
now the modified version 1.1.3.

2. Today I will create some new servers. On one of them there will be 
Rcube 1.2. I will look at Rcube regarding possibility of use of the 
existing hooks for my plugin. If it is possible and not too difficult, 
the plugin will be modified under version 1.2. If the existing 
possibilities of Rcube 1.2 seem to me insufficient, we can discuss it if 
you want.

3. In the third turn I will look at those places of an Enigma which you 
to me called. Then I will be able to estimate possibility of embedding 
of S/MIME encryption by me at an Enigma and, respectively, to solve, 
whether I will participate in it.

Best regards
       Vladimir



More information about the dev mailing list