Hi Everyone
I'm still working on a Java implementation of razor. I'm almost finished and am currently working on the revoke/report functionality. While reading the code, I found a disturbing part in one of the functions.
File: Core.pm Function: report()
If a message is reported, a signature is submitted to the server which _can_ answer witherror 230 to request the sending of the whole message text.
If a message is revoked, however, there is always the whole message text sent.
The comment in the code at the referred part is: # send server mails/body parts either # revoked, or requested if reporting
I find this very disturbing, since it is highly probable that revoked messages contain private stuff. I do not like the idea that all messages I revoke are sent to razor's nomination servers in plain text. As a matter of fact: I think this is a design error. Or am I wrong?
Thank you for any opinions/facts about this.
Simon
------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
