Hi all,
Do you remember me? I had begun (begin?) a filter system for roundcube, but I see Emi is working on it, so I will not continue...
Btw, I finally switched to roundcube as my main webmail, and a feature that I'd like to have is pgp/gpg working :).
So if nobody is working on it I will be really happy to help!
How do you see the GPG/PGP feature ? Something working on the server or on the client ?
I'm a developer of FireGPG, an extension for FireGPG that implements gpg's features into Gmail (and Firefox of course), work will be easy, and more if it's implemented into roundcube's interface (and FireGPG will be called by roundcube).
What do you think ?
Regards, and sorry for my English :)
Maximilien Cuony [The_Glu] http://theglu.org
List info: http://lists.roundcube.net/dev/
> How do you see the GPG/PGP feature ? Something working on the server or on the client ?
Server side GPG requires quite a bit of trust on the part of the user. *Especially* in the USA. The only way the user can ensure privacy is to do it on the client side. I would not want to promote a solution that hands the keys over to an email provider that can be ordered to intercept *and* not be allowed to notify the end user.
On Thu, 17 Jan 2008 06:54:36 -0800 (PST), Jason Fesler jfesler@gigo.com wrote:
>> How do you see the GPG/PGP feature ? Something working on the server or on the client ?
> Server side GPG requires quite a bit of trust on the part of the user. *Especially* in the USA. The only way the user can ensure privacy is to do it on the client side. I would not want to promote a solution that hands the keys over to an email provider that can be ordered to intercept *and* not be allowed to notify the end user.
I tend to think it is more a matter of using a mail host that you trust. As in most of the cases where I've used gpg/pgp, it was server-side. I mean really, if you can't trust them with your keys, why would you trust them with your mail?
This would be trivial to add to RC.
///////////////////////////////////////////////////// Service provided by hitOmeter.NET internet messaging! .
On Thu, 2008-01-17 at 07:05 -0800, chris# wrote:
>> Server side GPG requires quite a bit of trust on the part of the user. *Especially* in the USA. The only way the user can ensure privacy is to do it on the client side. I would not want to promote a solution that hands the keys over to an email provider that can be ordered to intercept *and* not be allowed to notify the end user.
> I tend to think it is more a matter of using a mail host that you trust. As in most of the cases where I've used gpg/pgp, it was server-side. I mean really, if you can't trust them with your keys, why would you trust them with your mail?
because encryption is used for communication over un-trusted parties :) so one can use a provider which cannot be trusted to "tunnel" trusted emails.
apart from that, i can clearly see the advantages of server-side encryption:
depending on the amount of work involved, i would let the user choose the way he wants to go ;)
cheers, raoul
> I tend to think it is more a matter of using a mail host that you trust. As in most of the cases where I've used gpg/pgp, it was server-side. I mean really, if you can't trust them with your keys, why would you trust them with your mail?
It is less a matter of trusting the host, and more a matter of trusting one's government. Hosts can be compelled to not provide any notification to you what they turn over.
As to trusting a host with my provider, I worry less about that - that's what GPG is for (when both parties have the keys, not the server operators).
The only case where I could see round cube implementing gpg fully on server side is where the user is also the operator. That still leaves keys being stored on a multiuser server, but at least he'd know if he was served an order.
Oh well, off my soap box. Implement what you want. I just hope any README or whatever includes some paranoia.
Dear Maximilien,
On Jan 17, 2008 4:17 PM, Jason Fesler jfesler@gigo.com wrote:
> (...) Oh well, off my soap box. Implement what you want. I just hope any README or whatever includes some paranoia.
+1
I'm not strictly against this feature but then again I wouldn't upload my key to *any* provider.
Think about the general risk. I am not saying that someone will spy on you and steal your key but what if they get hacked etc.. There are multiple scenarios that come to mind. I guess it's fine to have this feature when you are in total control of your environment and don't mind the risk.
Anyway, having said that - and since no one else said, "OH I AM WORKING ON THIS", go knock yourself out. ;-)
Till
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
Okay, so I will manage both (a way that uses gnupg on the server, and another way with FireGPG), and add a big warning with the first option :).
Regards,
(Ps: this time I will use the next-devel version ;) )
On Thu, 17 Jan 2008 20:22:41 +0100, till klimpong@gmail.com wrote:
> Dear Maximilien,
> On Jan 17, 2008 4:17 PM, Jason Fesler jfesler@gigo.com wrote:
>> (...) Oh well, off my soap box. Implement what you want. I just hope any README or whatever includes some paranoia.
> +1
> I'm not strictly against this feature but then again I wouldn't upload my key to *any* provider.
> Think about the general risk. I am not saying that someone will spy on you and steal your key but what if they get hacked etc.. There are multiple scenarios that come to mind. I guess it's fine to have this feature when you are in total control of your environment and don't mind the risk.
> Anyway, having said that - and since no one else said, "OH I AM WORKING ON THIS", go knock yourself out. ;-)
> Till
On Thu, 17 Jan 2008 07:17:59 -0800 (PST), Jason Fesler jfesler@gigo.com wrote:
>> I tend to think it is more a matter of using a mail host that you trust. As in most of the cases where I've used gpg/pgp, it was server-side. I mean really, if you can't trust them with your keys, why would you trust them with your mail?
> It is less a matter of trusting the host, and more a matter of trusting one's government. Hosts can be compelled to not provide any notification to you what they turn over.
Again, then your mail (and its contents) will also be at risk. No? A possible solution is to use a mail server in a region with a Government you trust. Is that even possible? Is there such a Government?
> As to trusting a host with my provider, I worry less about that - that's what GPG is for (when both parties have the keys, not the server operators).
It seems also possible to store your keys in /your/ directory - assuming almost anything but pop-only mailservice. Also, if the server already has the gpg/pgp binary, then it is merely a matter of telling it where your key is to sign your mail, on an "as needed" basis. Hell, it could even be a matter of uploading it from your own computer to the server on an "as needed" basis.
> The only case where I could see round cube implementing gpg fully on server side is where the user is also the operator. That still leaves keys being stored on a multiuser server, but at least he'd know if he was served an order.
That should be reasonable, given that your mail is also stored there. I mean, if you can't trust the provider to separate user space, you cannot trust them with your mail, or anything else.
> Oh well, off my soap box. Implement what you want. I just hope any README or whatever includes some paranoia.
I agree, but as much should be said about /anything/ where public communication is involved. Is there really /any/ public communication that is 100% safe and secure. ;)
On Thu, 17 Jan 2008 20:22:41 +0100, till klimpong@gmail.com wrote:
> Dear Maximilien,
> On Jan 17, 2008 4:17 PM, Jason Fesler jfesler@gigo.com wrote:
>> (...) Oh well, off my soap box. Implement what you want. I just hope any README or whatever includes some paranoia.
> +1
> I'm not strictly against this feature but then again I wouldn't upload my key to *any* provider.
> Think about the general risk. I am not saying that someone will spy on you and steal your key but what if they get hacked etc..
Then their ssl certs will /also/ be at risk. Hell, It /really/ is not difficult to "lift" their certs, and implement a little DNS cache poisoning and claim to be them. Then /you/ as their user will continue to use a server you /believe/ to be them. While all the while, they're (the hackers) in complete control of your mail. Phishing also comes to mind.
> There are multiple scenarios that come to mind. I guess it's fine to have this feature when you are in total control of your environment and don't mind the risk.
> Anyway, having said that - and since no one else said, "OH I AM WORKING ON THIS", go knock yourself out. ;-)
I believe it is a worthy cause in both cases. It would simply be more feasible as a "server side" solution.
On one last note; I can't help but notice the omission of keyservers in any of these scenarios. I mean you /must/ use them. Yet nobody even mentions the possibility of /them/ being trustworthy.
> Till
On Thu, 17 Jan 2008 21:00:38 +0100, "Maximilien Cuony [The_Glu]" maxi.the.glu@gmail.com wrote:
> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
> Hi,
> Okay, so I will manage both (a way that uses gnupg on the server, and another way with FireGPG), and add a big warning with the first option :).
You "rock". :)
If you would like any assistance, please feel free to contact me off list. Also, I am able to provide a mail server for testing purposes (I run 7 public/private servers).
--Chris
> Regards,
> (Ps: this time I will use the next-devel version ;) )
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (GNU/Linux)
> Comment: http://firegpg.tuxfamily.org
>
> iEYEARECAAYFAkePs9cACgkQjKKs5/FTCjVnzgCcC+l2Qyk2md6cwc28t9rXYSlQ tokAni14SSe0UK9JVIBmCn7IMBHvmt4O =5FYz
> -----END PGP SIGNATURE-----
> On Thu, 17 Jan 2008 20:22:41 +0100, till klimpong@gmail.com wrote:
>> Dear Maximilien,
>> On Jan 17, 2008 4:17 PM, Jason Fesler jfesler@gigo.com wrote:
>>> (...) Oh well, off my soap box. Implement what you want. I just hope any README or whatever includes some paranoia.
>> +1
>> I'm not strictly against this feature but then again I wouldn't upload my key to *any* provider.
>> Think about the general risk. I am not saying that someone will spy on you and steal your key but what if they get hacked etc.. There are multiple scenarios that come to mind. I guess it's fine to have this feature when you are in total control of your environment and don't mind the risk.
>> Anyway, having said that - and since no one else said, "OH I AM WORKING ON THIS", go knock yourself out. ;-)
>> Till
> -- Maximilien Cuony [The_Glu] http://theglu.org