Re: [Evolution-hackers] Developing a new protected message complement
Am Mittwoch 02 April 2014, um 19:00:33 schrieb Matthew Barnes: On Tue, 2014-04-01 at 11:02 -0430, BECERRA Silvana M SIDOR wrote: [...] However, to try to clarify a bit, what we mean by protected Email is that when reply/forward (inline mode) a protected message we're allow to write our response but we should not be able to modify the text of none of the old messages. Additionally, although not commented before, the message should also include custom field in the header that consolidates date, from, to, of all old messages in an orderly manner. For that kind of protection to have any real meaning, all messages should be cryptographically signed by their author and attached in full to all replies and forwards. An Evolution extension could conceivably enforce that. [...] Cryptographically signing each message with a public key or a trusted certificate is really the only way to ensure previous messages are not altered. Might be obvoius: When replying to a message protected that way, the signature for that message should include all attached messages which came with the message replied to. That way, some verifyable signing chain would be created. In case of multiple replies to a single message, i.e. a thread, the signature chain becomes a tree (which is verifyable nonetheless). 2 cent, Christian -- kernel concepts GmbH Tel: +49-271-771091-11 Sieghuetter Hauptweg 48 D-57072 Siegen http://www.kernelconcepts.de/ signature.asc Description: This is a digitally signed message part. ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Developing a new protected message complement
On Thu, 2014-04-03 at 10:11 +0200, Christian Hilberg wrote: For that kind of protection to have any real meaning, all messages should be cryptographically signed by their author and attached in full to all replies and forwards. An Evolution extension could conceivably enforce that. [...] Cryptographically signing each message with a public key or a trusted certificate is really the only way to ensure previous messages are not altered. Might be obvoius: When replying to a message protected that way, the signature for that message should include all attached messages which came with the message replied to. That way, some verifyable signing chain would be created. In case of multiple replies to a single message, i.e. a thread, the signature chain becomes a tree (which is verifyable nonetheless). I've seen an app like the one he is describing, [I think]. And I don't think his meaning of protected goes that far - or at least not if I am thinking of the right thing. The app I used was more about just preventing slapdashery - everyone on a mail list knows that muggle's cannot quote property or slash the quoted section to a useless degree. This was just about forcing the format of the messages to be A-B-C-D and putting some additional meta-data into the header of the message for indexing, data-mining, and event injection. A specific definition of that he means by protected is required. Protected as in legally verifiable [cryptographically signed] or protected as in keeping a call-center operator from just deleting everything? -- Adam Tauno Williams mailto:awill...@whitemice.org GPG D95ED383 Systems Administrator, Python Developer, LPI / NCLA signature.asc Description: This is a digitally signed message part ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Developing a new protected message complement
On Thu, 2014-04-03 at 12:13 -0400, Adam Tauno Williams wrote: Protected as in legally verifiable [cryptographically signed] or protected as in keeping a call-center operator from just deleting everything? Hi, if it's the later, then the easiest might be to write an external editor, setup evolution to use it (with the external-editor plugin), and then post-process the message when the writer is done with it (also possibly pre-process it). As Matthew said, trying to take care of certain sections in a composer on-the-fly would be unbearable, too complicated. Bye, Milan ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Developing a new protected message complement
On Tue, 2014-04-01 at 11:02 -0430, BECERRA Silvana M SIDOR wrote: Actually, we're analyzing the possibility of going to a more updated version of EVO (we have it on canaima 4.0 based on debian 7.0 and Gnome 3.4.2), but we've had trouble compiling a newer version. Do you know where we can get a compiled version that works? I've never heard of Canaima, but if it's a Debian derivative then Debian's testing or experimental repos would be your best bet for newer Evolution packages. However, to try to clarify a bit, what we mean by protected Email is that when reply/forward (inline mode) a protected message we're allow to write our response but we should not be able to modify the text of none of the old messages. Additionally, although not commented before, the message should also include custom field in the header that consolidates date, from, to, of all old messages in an orderly manner. For that kind of protection to have any real meaning, all messages should be cryptographically signed by their author and attached in full to all replies and forwards. An Evolution extension could conceivably enforce that. The inline editing mode simply copies and pastes the source message body into what's essentially a free-form text editor. Trying to protect the pasted text in a free-form editor widget is pointless because it can be easily spoofed, as can any kind of custom message header. Cryptographically signing each message with a public key or a trusted certificate is really the only way to ensure previous messages are not altered. Matthew Barnes ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Developing a new protected message complement
Thanks for your quick response. Actually, we're analyzing the possibility of going to a more updated version of EVO (we have it on canaima 4.0 based on debian 7.0 and Gnome 3.4.2), but we've had trouble compiling a newer version. Do you know where we can get a compiled version that works? However, to try to clarify a bit, what we mean by protected Email is that when reply/forward (inline mode) a protected message we're allow to write our response but we should not be able to modify the text of none of the old messages. Additionally, although not commented before, the message should also include custom field in the header that consolidates date, from, to, of all old messages in an orderly manner. We hope have explained a little better ;-). Any idea/help to implement it? Thanks a lot El sáb, 29-03-2014 a las 15:03 -0400, Matthew Barnes escribió: Notificación Automática: Este mensaje ha sido recibido desde la Internet, no se garantiza la autenticidad del remitente. On Fri, 2014-03-28 at 09:42 -0430, BECERRA Silvana M SIDOR wrote: We are in the process of replacing Outlook with Evolution 3.4.4., and we require to add a functionality to Evo mail subsystem, for this purpose we're considering develop a Evolution EExtension/complement to write protected mail messages. It's hard to answer without knowing more details about what you mean by protected messages. Evolution already supports digital signatures and encryption using either the OpenPGP or Secure MIME standards, which is sufficient for most use cases. Most likely you'll need to extend the Camel library, not Evolution directly. Evolution relies on Camel for most low-level mail operations. If you're looking to add a new type of cryptographic security, then the CamelCipherContext base class might be a good starting point. https://developer.gnome.org/camel/stable/CamelCipherContext.html Although the 3.4 release series is long since unsupported, I'm sure we can work with you to add 3rd party extensibility where it's lacking in the current supported release series. Matthew Barnes Notificación Automática: Este mensaje y cualquier archivo que se adjunte contiene información privilegiada y confidencial. Es para uso exclusivo del destinatario. Si usted ha recibido esta comunicación por error, por favor avísenos inmediatamente. Automatic notification: This e-mail and any file transmitted with it are confidential and may be legally privileged. It is intended solely for the addressee and may not be disclosed to or used by anyone other than the addressee. If you have received this e-mail by mistake , please advise the sender immediately ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Developing a new protected message complement
Hello Fabiano, El vie, 28-03-2014 a las 19:00 +0100, Fabiano Fidêncio escribió: Notificación Automática: Este mensaje ha sido recibido desde la Internet, no se garantiza la autenticidad del remitente. Hello Silvana, We are in the process of replacing Outlook with Evolution 3.4.4., and we require to add a functionality to Evo mail subsystem, for this purpose we're considering develop a Evolution EExtension/complement to write protected mail messages. Hmm. Is there some technical requirement to use Evolution 3.4.4 instead of a newer version? We have done a lot of improvements regarding to the EWS support in newer versions. We're trying to compile a newer version, but we've had some issues with our Gnome environment (we're using Canaima 4.0 based on Debian 7.0 and Gnome 3.4.2) Where can we find a useful list of all the plugins availables in Evolution? How can we begin to setup a develop environment? What exactly do you need? :-) We want to review the code of a plugin to assess the feasibility and estimate development time of our solution. About setup a development environment, I usually do: https://mail.gnome.org/archives/evolution-hackers/2014-March/msg6.html Is there guide to develop a simple component for Evo and enable it into an existing Evolution instalation? I don't think so, but in our page (https://wiki.gnome.org/Apps/Evolution) you can find some useful information, mainly in Developer Resources and Reference Manuals We'll check this info, thanks. Automatic notification: This e-mail and any file transmitted with it are confidential and may be legally privileged. It is intended solely for the addressee and may not be disclosed to or used by anyone other than the addressee. If you have received this e-mail by mistake , please advise the sender immediately Hmm. This kind of message is not cool in open source mailing lists. This is a corporative mail account automatic notification, I'm sorry for the inconvenience. Best Regards, -- Fabiano Fidêncio Regards, Silvana Notificación Automática: Este mensaje y cualquier archivo que se adjunte contiene información privilegiada y confidencial. Es para uso exclusivo del destinatario. Si usted ha recibido esta comunicación por error, por favor avísenos inmediatamente. Automatic notification: This e-mail and any file transmitted with it are confidential and may be legally privileged. It is intended solely for the addressee and may not be disclosed to or used by anyone other than the addressee. If you have received this e-mail by mistake , please advise the sender immediately ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
[Evolution-hackers] Developing a new protected message complement
Greetings, We are in the process of replacing Outlook with Evolution 3.4.4., and we require to add a functionality to Evo mail subsystem, for this purpose we're considering develop a Evolution EExtension/complement to write protected mail messages. Where can we find a useful list of all the plugins availables in Evolution? How can we begin to setup a develop environment? Is there guide to develop a simple component for Evo and enable it into an existing Evolution instalation? Notificación Automática: Este mensaje y cualquier archivo que se adjunte contiene información privilegiada y confidencial. Es para uso exclusivo del destinatario. Si usted ha recibido esta comunicación por error, por favor avísenos inmediatamente. Automatic notification: This e-mail and any file transmitted with it are confidential and may be legally privileged. It is intended solely for the addressee and may not be disclosed to or used by anyone other than the addressee. If you have received this e-mail by mistake , please advise the sender immediately ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers