[horde] s/mime private key

martin_hansen at nym.hush.com martin_hansen at nym.hush.com
Fri Oct 30 21:09:49 UTC 2009


thank you for your replies. Does Horde encrypt the private key by 
itself again? I ask because usually the private key has already 
been encrypted during export on my computer. So the Horde s/mime 
session password is different to the password I have originally 
encrypted the private key with on my computer?


On Fri, 30 Oct 2009 20:47:12 +0100 Michael Menge 
<michael.menge at zdv.uni-tuebingen.de> wrote:
>Quoting martin_hansen at nym.hush.com:
>> Hello,
>> I would like to use s/mime but I am a little concerned how Horde
>> IMP handles the private key on the server. It is not my server, 
>> have only a shared webhosting plan. Because of this I need to 
>> if the server admin can retrieve my private key and can read my
>> s/mime encrypted e-mails. Also I need to know if I have to enter 
>> private key password each time I want to read a s/mime encrypted 
>> mail.
>The Key is encrypted with your password in the preferences 
>You have to enter the password at least one per session, then it 
>stored in the session data. You kan make horde forget the 
>But as log as it is stored in the session everyone with access to
>the session data and pref backend can use the key.
>There has been feature requests to use the crypto device of the
>browser but as far as i know it is not implemented yet.
>M.Menge                                Tel.: (49) 7071/29-70316
>Universität Tübingen                   Fax.: (49) 7071/29-5912
>Zentrum für Datenverarbeitung          mail:  
>michael.menge at zdv.uni-tuebingen.de
>Wächterstraße 76
>72074 Tübingen

More information about the horde mailing list