[Kolab-devel] encrypted email integration

Thomas Asta thomasasta at googlemail.com
Tue Sep 16 19:24:35 CEST 2014


Hello Otto,
jabber is not encrypted, it just uses TLS for one hop. To have end-to-end
encryption you need a plugin.
In this tool, I just discovered,you send the message in this format: SSL
(AES (RSA (message e.g.: new AES))). Of course you can use ElGamal instead
of RSA. With plugins you have interface problems, compare the enigmail
plugin which was not encrypting BCC mails since existence. What a mess.
Better choose a key once and you are done forever - very convenient and
user friendly. So to say: easy. Furthermore you have for such a plugin only
one key per session. Better you can renew it every second when you press a
button or define it yourself. You even can send an new AES over an existing
AES. You can send the message authenticated or not, Jabber does not allow
authentication for the plugins. Even the kryptologic details are much
shorter (e.g. MAC HASH key). You refer to chat, the request was referring
to email: here you encrypt in the same style, but also for attachments,
subject and body. You even can set another password layer onto the three
elements. That is what I currently have understood from the code and
procedures of this spot library. Quite nice is the virtual email function,
which allows email servers without data retention based on a web of trust.
You also can share keys over it.
That´s why I suggested it that it potentially could be explored for kolab.
Kind Regards Tom

On Tue, Sep 16, 2014 at 6:48 PM, Ing. Otto Marroquin <otto at celera.net>
wrote:

> Hello there,
>
> How do you compare the spot solution against a encrypted jabber solution ?
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kolab.org/pipermail/devel/attachments/20140916/76b06424/attachment.html>


More information about the devel mailing list