[Dovecot] Pointers for developing a proper encryption plugin?
Christian Felsing
hostmaster at taunusstein.net
Tue Jan 4 08:06:53 EET 2011
Am 04.01.2011 00:58, schrieb Timo Sirainen:
> a) yeah, if you lost your private key or its password, they're lost
If users are aware of that, that will be ok.
> b) but you can change the private key's password
private key should be encrypted with users password. A "change password"
tool must change passphrase for users private key.
> c) and you could also sign the messages with a 3rd admin-key and admin would be able to decrypt them, but this would make it all pretty much pointless.
This may be desirable in enterprise environments, but not for public
mail services. Admin shoud decide to do so or nor.
Christian
More information about the dovecot
mailing list