Hello Martin, "Martijn Brinkers" <[email protected]> schrieb am 14.02.2022 15:04:03:
> Von: "Martijn Brinkers" <[email protected]> > An: [email protected] > Kopie: [email protected] > Datum: 14.02.2022 15:13 > Betreff: Re: [CipherMail User] Autotrust PGP pub keys <Virus checked> > > On Wed, 2022-02-09 at 17:10 +0100, Robert.Wiegand--- via Users wrote: > > Hello, > > > > I got a request to make incoming public PGP keys trusted. > > The idea is to make a register mail address where a person can send > > his pub key and we remove it from the mail and add it to the gateway. > > That's fine and working. > > Now the tricky part: > > We want the user to verify the key via a second way with the key ID. > > The second way wrote the pub key ID in a database and from their the > > verify process should start and check if the key with that ID exists > > and if so it should be trusted. > > Now two questions: > > 1. How can we set the key trusted via cli or something like that? > > At the moment the CLI tool does not support this. But it should not be > hard to add this functionality I think. > That sounds good. Another way could be REST if it's easier to implement or still exists? > > 2. Is it possible to add a header or subject extension after a lookup > > in the database to get a value from their which should be added to > > subject or as header? > > I'm not certain I understand the work-flow you want to implement. > > How should the external user validate the key? With an email challenge? > Or with some other procedure? > Okay, something more information to the workflow: - we have member, which are in a external trusted network (VPN like) where the user is already authenticated, but no public network is avaiable - we want a way to communicate with the user via mail (PGP) and need a verification for their key - the idea is, they send us a mail, encrypted to a specific mail adress and we deattach the PGP key with ciphermail, so we have the public key - now the user can send us via a web form or something like that the ID from his key in the trusted network, so we can validate the pub key received via public internet Regards Robert > Kind regards, > > Martijn Brinkers > > -- > CipherMail email encryption > Email encryption with support for S/MIME, > OpenPGP, PDF Messenger and Webmail Messenger >
