Comments (9)
infertux
commented on May 20, 2024
I'm not sure about adding this feature. That would mean having your private GPG key and its password stored on the server. I guess you could generate one key per server and revoke them should the server be compromised. But still, it doesn't sound really safe to me.
I'd like to add some sort of signing though to ensure integrity (i.e. make sure the message has not been tampered between the server and you).
What do you think? Did you have a better way of handling this issue in mind?
from zeyple.
bastelfreak
commented on May 20, 2024
It should be no probem to sign the emails with a key + passphrases that's stored on the server if every server gets a own key. If someone breaks into my server I've probably bigger problems then a compromised key. Also I could store the revocation keys on my local maschine or keepass container.
from zeyple.
infertux
commented on May 20, 2024
That makes sense. Adding this to the roadmap for release 0.4.
from zeyple.
bastelfreak
commented on May 20, 2024
awesome, thanks.
from zeyple.
stephenjamieson
commented on May 20, 2024
This sounds really useful to me if it gets implemented, kudos for the great project.
from zeyple.
bastelfreak
commented on May 20, 2024
Hi infertux,
do you have any new infos about release 0.4?
On 30.03.2014 06:31, stephenjamieson wrote:
This sounds really useful to me if it gets implemented, kudos for the great project.
Reply to this email directly or view it on GitHub:
#5 (comment)
from zeyple.
infertux
commented on May 20, 2024
Sorry for the delay @bastelfreak and @stephenjamieson, I can't seem to find the time to work on this project lately. I reckon release 0.4 is at least one month away. I'd happily give commit access to anyone willing to contribute.
from zeyple.
bastelfreak
commented on May 20, 2024
I'm currently not able to write usefull python code, also the gpg library is bretty hard to understand ( or I used the wrong docs). Need to lern python for my job anyway, will let you know if I'm able to contribute in the future.
from zeyple.
kaosmonk
commented on May 20, 2024
Hey guys, no update on this one yet? It seems like signing is a tough nut to crack. I have tried implementing Context.encrypt_sign but have been hitting the wall with that one. @infertux any chance you'll be able to look into this any time soon?
from zeyple.
Related Issues (20)
- HTML mail evaluates as non-multipart HOT 2
- postfix - Relay access denied HOT 1
- Support both IPv4/6
- Honour "quoted-printable" encoding HOT 6
- Possible issue on character encoding with php-mailer HOT 1
- Docker image HOT 1
- Protect headers by using autocrypt memoryhole HOT 2
- Sender address is not allowed.
- Suggestions / small fix
- Replace python-gpgme with python-gpg HOT 4
- Support manual key import? HOT 2
- Look up final recipient via aliases HOT 2
- Senmail support? HOT 2
- Script died with status 1 HOT 8
- Debian 10 : python-gpgme is obsolete HOT 1
- Debian package fails to configure if pip is not insatlled HOT 1
- Keys with empty name (uid) fields cannot be found
- zeyple breaks opendkim HOT 1
- End to End Encryption for using K-9 Mail/Open Keychain
- New release
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from zeyple.