Mercurial > hg > rc1
comparison plugins/enigma/README @ 0:1e000243b222
vanilla 1.3.3 distro, I hope
| author | Charlie Root |
|---|---|
| date | Thu, 04 Jan 2018 15:50:29 -0500 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:1e000243b222 |
|---|---|
| 1 Enigma Plugin for Roundcube | |
| 2 | |
| 3 This plugin adds support for viewing and sending of signed and encrypted | |
| 4 messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format. | |
| 5 | |
| 6 The plugin uses gpg binary on the server and stores all keys | |
| 7 (including private keys of the users) on the server. | |
| 8 Encryption/decryption is done server-side. So, this plugin | |
| 9 is for users that trust the server. | |
| 10 | |
| 11 | |
| 12 Implemented features: | |
| 13 --------------------- | |
| 14 + PGP: signatures verification | |
| 15 + PGP: messages decryption | |
| 16 + PGP: Sending of encrypted/signed messages | |
| 17 + PGP: keys management UI (key import, export, delete) | |
| 18 + PGP: key generation (client- or server-side) | |
| 19 + Handling of PGP keys attached to incoming messages | |
| 20 + User preferences to disable plugin features | |
| 21 + Attaching public keys to email | |
| 22 + Key server(s) support (search, import) | |
| 23 | |
| 24 | |
| 25 TODO: | |
| 26 ----- | |
| 27 - Handling of big messages with temp files (? - security) | |
| 28 - Key info in contact details page (optional) | |
| 29 - Extended key management: | |
| 30 - disable, | |
| 31 - revoke, | |
| 32 - change expiration date, change passphrase, add photo, | |
| 33 - manage user IDs | |
| 34 - export private keys | |
| 35 - Generate revocation certs | |
| 36 - Search filter to see invalid/expired keys | |
| 37 - Key server(s) support (upload, refresh) | |
| 38 - Mark keys as trusted/untrasted, display appropriate message in verify/decrypt status | |
| 39 - Support for multi-server installations (store keys in sql database? probably impossible with GnuPG 2.1) | |
| 40 - Performance improvements: | |
| 41 - cache decrypted message key id so we can skip decryption if we have no password in session | |
| 42 - cache (last or successful only?) sig verification status to not verify on every msg preview (optional) | |
| 43 - S/MIME: Certs generation (?) | |
| 44 - S/MIME: Certs management | |
| 45 - S/MIME: signed messages verification | |
| 46 - S/MIME: encrypted messages decryption | |
| 47 - S/MIME: Sending signed/encrypted messages | |
| 48 - S/MIME: Handling of certs attached to incoming messages | |
| 49 - S/MIME: Certificate info in Contacts details page (optional) | |
| 50 | |
| 51 | |
| 52 KNOWN ISSUES: | |
| 53 ------------- | |
| 54 There are some known issues with accepting key passphrases on various | |
| 55 system configurations. This is caused by issues in PinEntry handling. | |
| 56 Make sure that vendor/bin/crypt-gpg-pinentry works from command line. | |
| 57 | |
| 58 Possible reasons: | |
| 59 - non-working loader in shebang (#! /usr/bin/env php) | |
| 60 Make sure it works for the user the php scripts are executed upon | |
| 61 (i.e. apache, www-date, etc.) | |
| 62 - SELinux setting, try command: setsebool -P httpd_unified 0 | |
| 63 | |
| 64 Note: pinentry is used with gpg >= 2.0 and <= 2.1.12. | |
| 65 Note: for server use GnuPG developers still recommend version 1.4. |