------ Исходное сообщение ------
От: "A.L.E.C" <[email protected]>
Кому: [email protected]
Отправлено: 11.01.2016 13:39:37
Тема: Re: [RCD] S/MIME encryption and signing plugin
Storage is the next thing that we could unify and make shared by all
Enigma drivers. At the moment Enigma uses files, but above I was
referring to the UI. We have a list of PGP keys. Do we want a separate
list for certificates or we could merge them on one list?
I believe, everything depends on application. If it is about public
service, the role of the administrator has to be minimized and the user
has to do all work on maintaining base of certificates and keys. If it
is about corporate service, the general address book and base of
certificates are necessary, but also personal address books and bases of
certificates are also useful.
Well, welcome in the server-side encryption word. The same applies to
PGP keys. In this case we just assume server is safe or not. There's
really no point (or just no way) in securing private keys stored on the
server.
Yes, it is impossible to secure the keys which are stored on the server
completely, of course. However if the private key is stored on the
server in the form protected by the password, and the user shows the
password during session, security of private keys will be higher. Here
even it is necessary to invent nothing, PKCS12 provides such storage of
keys.
I was also so already strongly beaten out from the schedule. Besides,
there are many of different tasks in which I have to be engaged.
Unfortunately I also have not much time recently to merge your code
with
Enigma. But as you provided the code, I'm sure someone if not me will
do
this eventually.
I think that there is the third approach. If you specify to me: in THIS
point it is necessary to insert the code transforming the message from
one form to another, the source message is stored HERE, and the result
should be received HERE, I probably could write such code. And such
division would be effective: You would use your knowledge, I - mine.
I am anyway grateful for answers and an explanation of your position.
If it is interesting to you, my plans are as follows:
1. As the working mail system is necessary to me right now, I will use
now the modified version 1.1.3.
2. Today I will create some new servers. On one of them there will be
Rcube 1.2. I will look at Rcube regarding possibility of use of the
existing hooks for my plugin. If it is possible and not too difficult,
the plugin will be modified under version 1.2. If the existing
possibilities of Rcube 1.2 seem to me insufficient, we can discuss it if
you want.
3. In the third turn I will look at those places of an Enigma which you
to me called. Then I will be able to estimate possibility of embedding
of S/MIME encryption by me at an Enigma and, respectively, to solve,
whether I will participate in it.
Best regards
Vladimir
_______________________________________________
Roundcube Development discussion mailing list
[email protected]
http://lists.roundcube.net/mailman/listinfo/dev
