[RCD] S/MIME encryption and signing plugin

A.L.E.C alec at alec.pl
Thu Jan 14 21:13:12 CET 2016


On 01/12/2016 03:15 PM, Владимир Горпенко wrote:
> I fluently saw enigma_driver.php. If I correctly understand, you suggest
> to make the driver for S/MIME.
> 
> I have some questions.
> 
> 1. Processing of the message is entirely made in memory? And if message
> is very big? Is ciphered and subscribes not only the text of the
> message, but also the attached files.

Yes. In case of plain text messages. For messages with mime structure we
load one encrypted part at a time. Parsing big plain text messages using
temp files is planned for future.

> 3. php openssl works with private keys and certificates. And the driver
> receives only keys. Whether it is possible to build in this scheme work
> with certificates?

Sorry, I don't have enough knowledge about S/MIME yet to provide help here.

> 4. The certificate can be attached to the received message. It can be
> kept by the recipient for further use. It can be done in the existing
> scheme?

We already have handling of attached public keys so you can import them
on request, but we probably need to implement use of them for decryption
of the same message.

There's currently no option to attach a key to messages being sent.

> 5. The certificate attached to the signed message can be invalid or not
> entrusted. For verification of the power of attorney of the certificate
> the base of the entrusted CA is necessary. It can be realized in the
> driver?

Well, probably some changes will be needed, but PGP keys can also be
entrusted or invalid or expired, etc. Not all is implemented yet.

-- 
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer        [http://kolab.org]
Roundcube Webmail Developer  [http://roundcube.net]
---------------------------------------------------
PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl


More information about the dev mailing list