Re: [Dovecot] server side private/public key
Serverside private key probably doesn't protect against much, but a way for users to upload a public key and automatically encrypt all messages when received might have value. Limits exposure for messages at rest. -jf > Den 11. nov. 2013 kl. 15:21 skrev Peter Mogensen : > > *Christian Felsing wrote: > * > > Please consider to add server side private/public key encryption for > > incoming mails. > > If client logs on, the password is used to unlock users server side private > > key. > > If mail arrives from MTA or any other source, mail is encrypted with users > > public key. > > Key pair should be located in LDAP or SQL server. PGP and S/MIME should be > > supported. > >> This is for the situation if NSA or other organizations asks admin for >> users mail insistently, > > So ... exactly which security threat are you thinking about preventing here? > > This won't protect against: > * NSA listening in on the mails when they arrive. > * NSA taking a backup of your mails and wait for your first attempt to read > them - at which time they'll have your private key in plain text. > > It seems like a much wider protection to just keep you private key for your > self. > > /Peter >
Re: [Dovecot] server side private/public key
On 11.11.2013, at 16.21, Peter Mogensen wrote: > *Christian Felsing wrote: > * > > Please consider to add server side private/public key encryption for > > incoming mails. > > If client logs on, the password is used to unlock users server side private > > key. > > If mail arrives from MTA or any other source, mail is encrypted with users > > public key. > > Key pair should be located in LDAP or SQL server. PGP and S/MIME should be > > supported. http://dovecot.org/patches/2.2/mail-filter.tar.gz can be used to implement this.
[Dovecot] server side private/public key
*Christian Felsing wrote: * > Please consider to add server side private/public key encryption for incoming mails. > If client logs on, the password is used to unlock users server side private key. > If mail arrives from MTA or any other source, mail is encrypted with users public key. > Key pair should be located in LDAP or SQL server. PGP and S/MIME should be supported. This is for the situation if NSA or other organizations asks admin for users mail insistently, So ... exactly which security threat are you thinking about preventing here? This won't protect against: * NSA listening in on the mails when they arrive. * NSA taking a backup of your mails and wait for your first attempt to read them - at which time they'll have your private key in plain text. It seems like a much wider protection to just keep you private key for your self. /Peter
