sign outgoing Mails #5
Comments
|
I'm not sure about adding this feature. That would mean having your private GPG key and its password stored on the server. I guess you could generate one key per server and revoke them should the server be compromised. But still, it doesn't sound really safe to me. I'd like to add some sort of signing though to ensure integrity (i.e. make sure the message has not been tampered between the server and you). What do you think? Did you have a better way of handling this issue in mind? |
|
It should be no probem to sign the emails with a key + passphrases that's stored on the server if every server gets a own key. If someone breaks into my server I've probably bigger problems then a compromised key. Also I could store the revocation keys on my local maschine or keepass container. |
|
That makes sense. Adding this to the roadmap for release 0.4. |
|
awesome, thanks. |
|
This sounds really useful to me if it gets implemented, kudos for the great project. |
|
Hi infertux, do you have any new infos about release 0.4? On 30.03.2014 06:31, stephenjamieson wrote:
|
|
Sorry for the delay @bastelfreak and @stephenjamieson, I can't seem to find the time to work on this project lately. I reckon release 0.4 is at least one month away. I'd happily give commit access to anyone willing to contribute. |
|
I'm currently not able to write usefull python code, also the gpg library is bretty hard to understand ( or I used the wrong docs). Need to lern python for my job anyway, will let you know if I'm able to contribute in the future. |
|
Hey guys, no update on this one yet? It seems like signing is a tough nut to crack. I have tried implementing |
Hi,
first of all, thanks for the script, it's working great :)
Would it be possible to not only crypt outgoing mails but also sign them? I tried by myself to implement that feature, but unfortunately I've no clue about python.
The text was updated successfully, but these errors were encountered: