[horde] s/mime private key

Michael Menge michael.menge at zdv.uni-tuebingen.de
Fri Oct 30 19:47:12 UTC 2009

Quoting martin_hansen at nym.hush.com:

> Hello,
> I would like to use s/mime but I am a little concerned how Horde
> IMP handles the private key on the server. It is not my server, I
> have only a shared webhosting plan. Because of this I need to know
> if the server admin can retrieve my private key and can read my
> s/mime encrypted e-mails. Also I need to know if I have to enter my
> private key password each time I want to read a s/mime encrypted e-
> mail.

The Key is encrypted with your password in the preferences backend.
You have to enter the password at least one per session, then it is
stored in the session data. You kan make horde forget the password.

But as log as it is stored in the session everyone with access to
the session data and pref backend can use the key.

There has been feature requests to use the crypto device of the
browser but as far as i know it is not implemented yet.

M.Menge                                Tel.: (49) 7071/29-70316
Universität Tübingen                   Fax.: (49) 7071/29-5912
Zentrum für Datenverarbeitung          mail:  
michael.menge at zdv.uni-tuebingen.de
Wächterstraße 76
72074 Tübingen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5339 bytes
Desc: S/MIME krytographische Unterschrift
URL: <http://lists.horde.org/archives/horde/attachments/20091030/90bbb2af/attachment.bin>

More information about the horde mailing list