[dev] Automatic S/MIME encryption
jnaegele at grierforensics.com
jnaegele at grierforensics.com
Tue Mar 7 22:53:34 UTC 2017
Quoting Joseph Naegele <jnaegele at grierforensics.com>:
> Hi folks,
>
> I submitted an initial patch for automatic S/MIME encryption in IMP for
> enhancement #12736 (https://bugs.horde.org/ticket/12736). Thanks to Jan
> for replying and approving. I figured I'd move the discussion here since I
> have questions about how to implement the remaining necessary
> functionality.
>
> Automatically checking if we have public keys for all intended recipients
> is easy. Now I need to notify the user when encryption can't be performed
> for all recipients. The suggested methods are:
>
> 1. Display a warning message (OK/Cancel) if not all public keys are found
>
> 2. Connect autocompleter with public key lookup in order to show a lock
> icon in recipient bubble when a key is found
>
> I'm not sure where to start on either. I looked briefly at the
> autocompleter code and decided it may be easier to notify the user with a
> message. I haven't figured out how to do this from Compose.php however. My
> hope was to find a way to use a JS alert, similar to the compose
> onbeforeunload handler that asks "Are you sure you want to do this" when
> you close the window.
>
> I'm sure this isn't too difficult but any tips would be appreciated (or if
> anyone with more knowledge has time to implement, please do!).
>
> Thanks!
>
> --
> Joe Naegele
> Grier Forensics
> --
> dev mailing list
> Frequently Asked Questions: http://wiki.horde.org/FAQ
> To unsubscribe, mail: dev-unsubscribe at lists.horde.org
Hi all,
I want to point out once more that we at Grier Forensics will soon
release a plugin for Horde IMP that enables users to send and receive
S/MIME emails without prior exchange of keys. The plugin is part of a
suite of tools called Great DANE, and utilizes DANE SMIMEA for
automatic S/MIME certificate retrieval.
The Horde plugin is now on Github here:
https://github.com/grierforensics/Great-DANE-Horde-Webmail. It's not
up to date with Horde's master branch, but it's trivial to update it.
We would love to see these features become part of Horde Webmail. At a
minimum, automatic encryption would be a great feature to have. I've
provided the initial portion of the patch here:
https://bugs.horde.org/ticket/12736.
After investigating the Horde/IMP codebase it's still unclear to me
how to implement the additional requested feature of notifying the
user when encryption can't be performed for all recipients. It appears
to be very difficult to integrate S/MIME functionality with the
autocompleter, or to alternatively prevent sending and notify the user
after they send a message. It would be very helpful if someone could
point me in the right direction.
Thanks!
--
Joe Naegele
Grier Forensics
More information about the dev
mailing list