I see your point, thought I still think the feature would be useful mostly because the administrator does not currently get notified when a key is missing. (Or maybe I have missed the option for it in the documentation.) Sending an Email to the administrator with "[email protected] sent us a signed Email but we don't have the public key" would be alright, even if it's not as comfortable as automatic downloads & imports.
Kind regards and I hope this message will get to the correct place, mots -----Ursprüngliche Nachricht----- Von: Martijn Brinkers <[email protected]> Gesendet: Mo 08.09.2014 11:37 Betreff: Re: [Djigzo users] Automatic PGP key extraction from incoming mail An: [email protected]; > On 09/08/2014 10:59 AM, mots wrote: > > I've seen this feature advertised here: > > http://www.ciphermail.com/gateway.html But I can't find anything > > about how to enable it in the documentation. I've tried sending > > myself the public key for my hotmail address as pub.key and > > pubkey.asc, yet no key was added to Ciphermail. > > > > The key is also on the pool.sks-keyservers.net key servers, yet > > Ciphermail didn't download it automatically when I sent myself a > > signed email. > > > Where can I find the documentation for this feature? The > > administration guide doesn't say anything about it. > > Currently the gateway will only extract a key if the key is attached to > the email as a separate attachment with content type set to > "application/pgp-keys". For example with Enigmail you can select "Attach > My Public Key" when composing a message. This will attach your public > key as an attachment. The gateway will then extract the key. > Currently the gateway will not automatically download a key from a key > server. I'm a little anxious to add that feature since that option can > be used to DOS the gateway by sending a lot of signed messages. The > gateway will then try to download a key from an external server over and > over. The main reason of supporting extracting attached keys is that not > all keys are stored on a key server. If someone send a key by email > which is not on a key server, the key will end up in the mailbox of the > recipient. This recipient is likely not to be the gateway admin and does > not know what to do with it. Also in this case the admin cannot import > the public key because the key is not on a key server and the email with > the key might not be accessible by the gateway admin. Therefore in this > case it might be a good to import the key (which is not enable by > default though). Note that importing a key does not mean the key is > automatically trusted. > > Kind regards, > > Martijn Brinkers > > -- > CipherMail email encryption > > Open source email encryption gateway with support for S/MIME, OpenPGP > and PDF messaging. > > http://www.ciphermail.com > > Twitter: http://twitter.com/CipherMail > _______________________________________________ > Users mailing list > [email protected] > https://lists.djigzo.com/lists/listinfo/users >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://lists.djigzo.com/lists/listinfo/users
