Am 30.10.2013 12:16, schrieb Thomas Bruederli: > Charles McNulty wrote: >> If I can get some answers to these questions, I'd love to start developing >> this.
That would be just great! > The initial idea was indeed to store the message body in plain text and > make sure it only remains in local storage if the session timed out and the > message could neither be sent nor saved as draft. Or if it could be saved as a draft some time, but if the last attempt(s) failed for whatever reason (i.e. unstable Internet connection which does not necessarily lead to a session timeout). > If we want some sort of encryption for these contents, I propose to start > with a simple DES or AES encryption using a key that is derived from the > user ID and the Roundcube's des_key config option. That would at least deny > access to the contents for other users of the same webmail as well as for > direct access to the local storage through the browser's console. I second that. Although I could even live with unencrypted data (at least better than with no local storage at all). Cheers, -- Michael Heydekamp Co-Admin freexp.de Düsseldorf/Germany _______________________________________________ Roundcube Development discussion mailing list [email protected] http://lists.roundcube.net/mailman/listinfo/dev
