*Christian Felsing wrote: * > Please consider to add server side private/public key encryption for incoming mails. > If client logs on, the password is used to unlock users server side private key. > If mail arrives from MTA or any other source, mail is encrypted with users public key. > Key pair should be located in LDAP or SQL server. PGP and S/MIME should be supported.> This is for the situation if NSA or other organizations asks admin for > users mail insistently,So ... exactly which security threat are you thinking about preventing here? This won't protect against: * NSA listening in on the mails when they arrive. * NSA taking a backup of your mails and wait for your first attempt to read them - at which time they'll have your private key in plain text. It seems like a much wider protection to just keep you private key for your self. /Peter
On 11.11.2013, at 16.21, Peter Mogensen <apm at one.com> wrote:> *Christian Felsing wrote: > * > > Please consider to add server side private/public key encryption for incoming mails. > > If client logs on, the password is used to unlock users server side private key. > > If mail arrives from MTA or any other source, mail is encrypted with users public key. > > Key pair should be located in LDAP or SQL server. PGP and S/MIME should be supported.http://dovecot.org/patches/2.2/mail-filter.tar.gz can be used to implement this.
Serverside private key probably doesn't protect against much, but a way for users to upload a public key and automatically encrypt all messages when received might have value. Limits exposure for messages at rest. -jf> Den 11. nov. 2013 kl. 15:21 skrev Peter Mogensen <apm at one.com>: > > *Christian Felsing wrote: > * > > Please consider to add server side private/public key encryption for incoming mails. > > If client logs on, the password is used to unlock users server side private key. > > If mail arrives from MTA or any other source, mail is encrypted with users public key. > > Key pair should be located in LDAP or SQL server. PGP and S/MIME should be supported. > >> This is for the situation if NSA or other organizations asks admin for >> users mail insistently, > > So ... exactly which security threat are you thinking about preventing here? > > This won't protect against: > * NSA listening in on the mails when they arrive. > * NSA taking a backup of your mails and wait for your first attempt to read them - at which time they'll have your private key in plain text. > > It seems like a much wider protection to just keep you private key for your self. > > /Peter >