Zitat von Martijn Brinkers <[email protected]>:
Hi Andreas,- User viewable tagging (subject extension) for incoming signed/encrypted mail ( Sometimes it is really useful if the user is able to check)If I understand you, you want to add some sort of banner to the message containing the security information? something similar to what's added to the headers but now visible for the end-user?Yes , this should be a easy work around to see if the message was signed/encrypted before it reached the gateway. No Outlook user willl every read e-mail headers :-(What might be problematic is that a banner can be easily spoofed. Any djigzo-* header is removed when the email enters Djigzo. Therefore the security headers cannot be spoofed. With a security banner (a text or HTML text part) it's nearly impossible to detect whether the banner is spoofed. So, the banner should only be viewed as informational.
I would suggest to alter the subject with added Tag like "[WAS CRYPTED]" at the end similar to triggered encryption when sending, and the Tag should be unconditionally removed at first incoming stage to prevent spoofing.
No problem, i will try to get involved at Thunderbird etc. to see if there is some work in progress on the crypto part. Maybe there will be a chance to throw it in :-)Yes that would be nice to see whether Thunderbird supports it. Perhaps TrustedBird (a security enhanced Thunderbird) already supports this? http://www.trustedbird.org
Will have a look what others have to say according this... Many Thanks Andreas
smime.p7s
Description: S/MIME Signatur
_______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
