Re: [SOGo] smime firefox plugin for sogo
2013-08-13 17:37 keltezéssel, David Feurle írta: Hi Péter, thanks for your response. My comments are in the text. Hi David, Am 13.08.2013 13:29, schrieb Szládovics Péter: Dear David, I'm very interested in this subject. My questions above. 2013-08-13 12:36 keltezéssel, David Feurle írta: Dear sogo mailinglist, I have developed a smime plugin for firefox which allows to read smime signed and crypted mails in the webmail interface of sogo. It works fine for me but has certain limitations which up to now prevented me from publishing it. Up to now I'm able to read smime end to end encrypted mail by using the webmail interface. What is still missing is the possibility to compose encrypted mails and the possibility to download any encrypted email attachments. Will you work on it? Up to now I thought that nobody would be interested. So we use it in our company - and for us it was working fine up to now. If there are different user needs I would try to solve the problems. I've the list since April, so I didn't read it :) But now. I Think this problem is only in commercial infrastructure. The mail encryption and security not a high priority in personal environments - *unfortunately* of course. But... I think the mail encription is the task of the mail app - e.g. Thunderbird. In the webmail we need to read in the 90 percent of cases. So, my opinion the reading encrypted mails on the web is almost enough. about Of course it's fine to be able to read emails. I was hoping for some support by the sogo developers to be able to as well compose emails. The problem is that I am familar with javascript/xpcom/c++ but I have no idea of ObjectiveC. In this situation I cannot help you - I've a little shellscript and perl (and minimal PHP) knowledge, but nothing in the above :) (ok, very minimal in javascript - handling mouse events, forms, opening popups - but no more). The plugin enables users of sogo to read their encrypted emails in their browser without the need to save their encryption key on the mail server. Great. Nearly exactly one year ago I was asking this mailing list if there is some interest in making this working and useful for all sogo users. ( see: https://inverse.ca/sogo/lists/arc/users/2012-07/msg00167.html). The current implementation does no longer use the firefox cert store but the Why? If it is a FF plugin, then the best practice is the using the FF certstore - I think. I was doing it using c++. I was not aware that firefox contains all needed XPCOM Components to do smime in the browser. I found some Interfaces in Thunderbird but they are missing in Firefox. Yep, understood. How it works under Linux? Which certstore will be used by your app? My code uses a cryptAPI that uses on Windows the native Cert Store. I think I could change the code easily to allow the firefox cert store now since I learned what interfaces to use. Another thing I was thinking is to upload the crypted private key (pfx/p12) to the sogo server. The Server could serve this file to the browser (when logged in) and prompt the user for the passwort of the key file. This way the user does not need to install his private key on the machine he/she does use for webmail. It would be only be decrypted for one session. windows/Linux system certificate storage and does not longer require the user to have a perl installation. Up to now I have not received any feedback. You have already one. Perhaps it now is of greater interest since the revielings of Edward Snowden showed how limited the security of email is without using end to end encryption. Accept. If there is any interest I could explain in a more detailed form what and how the plugin does what it does and what functions sogo is missing to make the plugin even more useful. I think, if you don't want to upload private key to the webserver, you need to modify the ajax editor. But it will be problem with text mails. The biggest problem is IMHO that the mails are composed in the client but the server handles the mime stuff. I can create a complete smime formated mail in the client, but as far as I know sogo lacks the ability to send this mail composed on the client for me. Yes, it's bigger problem than I thought at first... -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] smime firefox plugin for sogo
Dear sogo mailinglist, I have developed a smime plugin for firefox which allows to read smime signed and crypted mails in the webmail interface of sogo. It works fine for me but has certain limitations which up to now prevented me from publishing it. Up to now I'm able to read smime end to end encrypted mail by using the webmail interface. What is still missing is the possibility to compose encrypted mails and the possibility to download any encrypted email attachments. The plugin enables users of sogo to read their encrypted emails in their browser without the need to save their encryption key on the mail server. Nearly exactly one year ago I was asking this mailing list if there is some interest in making this working and useful for all sogo users. ( see: https://inverse.ca/sogo/lists/arc/users/2012-07/msg00167.html). The current implementation does no longer use the firefox cert store but the windows/Linux system certificate storage and does not longer require the user to have a perl installation. Up to now I have not received any feedback. Perhaps it now is of greater interest since the revielings of Edward Snowden showed how limited the security of email is without using end to end encryption. If there is any interest I could explain in a more detailed form what and how the plugin does what it does and what functions sogo is missing to make the plugin even more useful. Best regards, David Feurle smime.p7s Description: S/MIME Kryptografische Unterschrift
Re: [SOGo] smime firefox plugin for sogo
Dear David, I'm very interested in this subject. My questions above. 2013-08-13 12:36 keltezéssel, David Feurle írta: Dear sogo mailinglist, I have developed a smime plugin for firefox which allows to read smime signed and crypted mails in the webmail interface of sogo. It works fine for me but has certain limitations which up to now prevented me from publishing it. Up to now I'm able to read smime end to end encrypted mail by using the webmail interface. What is still missing is the possibility to compose encrypted mails and the possibility to download any encrypted email attachments. Will you work on it? But... I think the mail encription is the task of the mail app - e.g. Thunderbird. In the webmail we need to read in the 90 percent of cases. So, my opinion the reading encrypted mails on the web is almost enough. The plugin enables users of sogo to read their encrypted emails in their browser without the need to save their encryption key on the mail server. Great. Nearly exactly one year ago I was asking this mailing list if there is some interest in making this working and useful for all sogo users. ( see: https://inverse.ca/sogo/lists/arc/users/2012-07/msg00167.html). The current implementation does no longer use the firefox cert store but the Why? If it is a FF plugin, then the best practice is the using the FF certstore - I think. windows/Linux system certificate storage and does not longer require the user to have a perl installation. Up to now I have not received any feedback. You have already one. Perhaps it now is of greater interest since the revielings of Edward Snowden showed how limited the security of email is without using end to end encryption. Accept. If there is any interest I could explain in a more detailed form what and how the plugin does what it does and what functions sogo is missing to make the plugin even more useful. I think, if you don't want to upload private key to the webserver, you need to modify the ajax editor. But it will be problem with text mails. BTW smime. Your mail signature is broken - according to my TB. Something modified your mail body - your MTA, sogo.nu's MTA or the Sympa. -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] smime firefox plugin for sogo
Hi Péter, thanks for your response. My comments are in the text. Am 13.08.2013 13:29, schrieb Szládovics Péter: Dear David, I'm very interested in this subject. My questions above. 2013-08-13 12:36 keltezéssel, David Feurle írta: Dear sogo mailinglist, I have developed a smime plugin for firefox which allows to read smime signed and crypted mails in the webmail interface of sogo. It works fine for me but has certain limitations which up to now prevented me from publishing it. Up to now I'm able to read smime end to end encrypted mail by using the webmail interface. What is still missing is the possibility to compose encrypted mails and the possibility to download any encrypted email attachments. Will you work on it? Up to now I thought that nobody would be interested. So we use it in our company - and for us it was working fine up to now. If there are different user needs I would try to solve the problems. But... I think the mail encription is the task of the mail app - e.g. Thunderbird. In the webmail we need to read in the 90 percent of cases. So, my opinion the reading encrypted mails on the web is almost enough. about Of course it's fine to be able to read emails. I was hoping for some support by the sogo developers to be able to as well compose emails. The problem is that I am familar with javascript/xpcom/c++ but I have no idea of ObjectiveC. The plugin enables users of sogo to read their encrypted emails in their browser without the need to save their encryption key on the mail server. Great. Nearly exactly one year ago I was asking this mailing list if there is some interest in making this working and useful for all sogo users. ( see: https://inverse.ca/sogo/lists/arc/users/2012-07/msg00167.html). The current implementation does no longer use the firefox cert store but the Why? If it is a FF plugin, then the best practice is the using the FF certstore - I think. I was doing it using c++. I was not aware that firefox contains all needed XPCOM Components to do smime in the browser. I found some Interfaces in Thunderbird but they are missing in Firefox. My code uses a cryptAPI that uses on Windows the native Cert Store. I think I could change the code easily to allow the firefox cert store now since I learned what interfaces to use. Another thing I was thinking is to upload the crypted private key (pfx/p12) to the sogo server. The Server could serve this file to the browser (when logged in) and prompt the user for the passwort of the key file. This way the user does not need to install his private key on the machine he/she does use for webmail. It would be only be decrypted for one session. windows/Linux system certificate storage and does not longer require the user to have a perl installation. Up to now I have not received any feedback. You have already one. Perhaps it now is of greater interest since the revielings of Edward Snowden showed how limited the security of email is without using end to end encryption. Accept. If there is any interest I could explain in a more detailed form what and how the plugin does what it does and what functions sogo is missing to make the plugin even more useful. I think, if you don't want to upload private key to the webserver, you need to modify the ajax editor. But it will be problem with text mails. The biggest problem is IMHO that the mails are composed in the client but the server handles the mime stuff. I can create a complete smime formated mail in the client, but as far as I know sogo lacks the ability to send this mail composed on the client for me. I could send it directly via smtp from the client - but I do not have the smtp server settings nor the credentials. BTW smime. Your mail signature is broken - according to my TB. Something modified your mail body - your MTA, sogo.nu's MTA or the Sympa. smime.p7s Description: S/MIME Kryptografische Unterschrift
