[Dovecot] Pointers for developing a proper encryption plugin?

tomas at tuxteam.de tomas at tuxteam.de
Tue Jan 4 08:38:09 EET 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Jan 04, 2011 at 01:53:37AM +0200, Timo Sirainen wrote:
> On 3.1.2011, at 20.05, dovecot at moorooboorai.com wrote:
> 
> > One thing that's always itching when I think about mail-servers, is the storage of e-mail messages in (rather) plain-text.

[...]

> 2) I remember Alex Baule has been talking about things more or less related to this.. Although I'm not longer entirely certain what it is that he's built. You could try asking him.

Imho, once messages are decrypted/decryptable server-side (be it
password, key whatever) we've lost. Messages have to be decrypted
client-side.

The idea upthread (Jan-Frode) to keep a public key server-side and
encrypt messages on arrival seems to me the way to go.

A nice challenge would be to devise something to do full-text indexing
on the server-side encrypted data (it won't be as efficient as indexing
of plain text, but... is that at all possible?)

Regards
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFNIsBRBcgs9XrR2kYRAg0WAJ9aI2hFWYyvcZmWiEYHwwyLADZl8wCfUtqN
YWl/Wp5Ff3iFBE0/0pypqkA=
=3Waa
-----END PGP SIGNATURE-----


More information about the dovecot mailing list