Michael Phillips wrote:
I would like to add some functionality to roundcube.
- The ability to check box to automatically sign in next time or to
just save the login. The information would be stored in a cookie that expired in like 30 years, if people on the development team think its ok to store the password it would be done in a hash obviously but everyone's imap/pop client would have to support the hash then.
I think that this would be a useful option to have as well - Thunderbird can remember my IMAP username/password if I want it to and I would like to see the same functionality in Roundcube at some point. Plenty of sites already have this sort of feature, so I don't think it's too difficult to implement, though it may be necessary to save the IMAP username/password as plaintext in the database (or using two-way encryption) to support this.
- GnUPG support, I would like to add the ability sign or encrypt
messages. A user could paste their private key into a form that then saved it on the server in sql. There is probably a huge security issue with saving private keys on a server. I don't know of a php API, I would most likely use exec();
I don't bother encrypting email myself, but I can see this being a useful feature to have for people who do use GPG. I'm not sure how you'd handle the security implications of storing private keys in the database though.
Paul