On 02/01/2011 11:11 AM, Manuel Faux wrote: > Is this behaviour intended to exist? I think not even being in the same > enterprise legitimises being able to decrypt confidential messages of > others.
I can see whether I can make it optional (default off) to add checks to make sure the email is only delivered in decrypted form if the email address matches the certificate used for decryption. There are a couple of problems that need to be solved. ** Start of technical stuff you can skip if you are not interested ** A message can have multiple recipients so the message should be split if encrypted into multiple recipients. It's also unclear how to handle domain encryption. Domain encryption is used by companies to setup a secure S/MIME tunnel. It currently is not clear whether the certificate was intended as a domain certificate so if additional checks are required to make sure only the intended recipients can read the message the receiving gateway should know whether the certificate is a domain certificate. Another option would be to completely disable domain encryption if the additional checks are enabled because you probably don't want domain encryption in that case. Kind regards, Martijn -- Djigzo open source email encryption
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
smime.p7s
Description: S/MIME Cryptographic Signature
