On 09/08/2014 10:59 AM, mots wrote: > I've seen this feature advertised here: > http://www.ciphermail.com/gateway.html But I can't find anything > about how to enable it in the documentation. I've tried sending > myself the public key for my hotmail address as pub.key and > pubkey.asc, yet no key was added to Ciphermail. > > The key is also on the pool.sks-keyservers.net key servers, yet > Ciphermail didn't download it automatically when I sent myself a > signed email.
> Where can I find the documentation for this feature? The > administration guide doesn't say anything about it. Currently the gateway will only extract a key if the key is attached to the email as a separate attachment with content type set to "application/pgp-keys". For example with Enigmail you can select "Attach My Public Key" when composing a message. This will attach your public key as an attachment. The gateway will then extract the key. Currently the gateway will not automatically download a key from a key server. I'm a little anxious to add that feature since that option can be used to DOS the gateway by sending a lot of signed messages. The gateway will then try to download a key from an external server over and over. The main reason of supporting extracting attached keys is that not all keys are stored on a key server. If someone send a key by email which is not on a key server, the key will end up in the mailbox of the recipient. This recipient is likely not to be the gateway admin and does not know what to do with it. Also in this case the admin cannot import the public key because the key is not on a key server and the email with the key might not be accessible by the gateway admin. Therefore in this case it might be a good to import the key (which is not enable by default though). Note that importing a key does not mean the key is automatically trusted. Kind regards, Martijn Brinkers -- CipherMail email encryption Open source email encryption gateway with support for S/MIME, OpenPGP and PDF messaging. http://www.ciphermail.com Twitter: http://twitter.com/CipherMail _______________________________________________ Users mailing list [email protected] https://lists.djigzo.com/lists/listinfo/users
