[horde] s/mime private key

[martin_hansen at nym.hush.com]

Hello,

thank you for your replies. Does Horde encrypt the private key by 
itself again? I ask because usually the private key has already 
been encrypted during export on my computer. So the Horde s/mime 
session password is different to the password I have originally 
encrypted the private key with on my computer?

Martin



On Fri, 30 Oct 2009 20:47:12 +0100 Michael Menge 
<michael.menge at zdv.uni-tuebingen.de> wrote:
>Quoting martin_hansen at nym.hush.com:
>
>> Hello,
>>
>> I would like to use s/mime but I am a little concerned how Horde
>> IMP handles the private key on the server. It is not my server, 
>I
>> have only a shared webhosting plan. Because of this I need to 
>know
>> if the server admin can retrieve my private key and can read my
>> s/mime encrypted e-mails. Also I need to know if I have to enter 
>my
>> private key password each time I want to read a s/mime encrypted 
>e-
>> mail.
>>
>
>The Key is encrypted with your password in the preferences 
>backend.
>You have to enter the password at least one per session, then it 
>is
>stored in the session data. You kan make horde forget the 
>password.
>
>But as log as it is stored in the session everyone with access to
>the session data and pref backend can use the key.
>
>There has been feature requests to use the crypto device of the
>browser but as far as i know it is not implemented yet.
>
>
>-------------------------------------------------------------------
>-------------
>M.Menge                                Tel.: (49) 7071/29-70316
>Universität Tübingen                   Fax.: (49) 7071/29-5912
>Zentrum für Datenverarbeitung          mail:  
>michael.menge at zdv.uni-tuebingen.de
>Wächterstraße 76
>72074 Tübingen