On Sat Nov 30 13:00:45 CET 2013, Thomas Bruederli wrote:
But in terms of architecture, a purely client-side encryption/decryption is the preferred and most secure way.
OK, this depends on which side of the cryptosystem you assume to be more trustworthy: the server or your browser runtime. Especially javascript has some major drawbacks when it comes to crypto (just think XSS). See eg. here for a discussion: http://www.matasano.com/articles/javascript-cryptography/
A S/MIME browser plugin would definitely be the way to go, security-wise.
Unfortunately, this is a nightmare maintenance-wise ... and also would take considerably more time (which is, as always, the limiting factor).
So I'd rather stick with a server-side approach, even if it would not make it into an official release.
Kind regards /markus