Re: [Evolution] Feature requests



On Thu, 2005-01-06 at 00:40 -0800, Amish Munshi wrote:
Jeffrey Stedfast wrote:

I wish this feature was not important, I wouldnt have requested for this
otherwise. Unfortunately, this feature is critical. It may not be
important to store mails in an encrypted format, but it should atleast be
in encoded . Something other than  plain text is necessary.

What I cant understand is why it cannot be done?
   


I never said encrypting mails locally on disc couldn't be done, I said
it was impractical and a waste of effort.

 


Jeffrey, do you visit clients?

I have, yes.

 You dont have people in the market who 
can read encrypted mails, but you will definately have admins who will 
read mails if they are in plain text.

then you fire them.

It point here is practical situation.

Do me a favour, just impliment this feature. Provide it as an option, 
which can be turned off if the end-user does not need it.

no. evolution is open source, if you want it - you code it. it is a
complete waste of time if you have any idea how security works.

also, when evo decrypts the mail - it will have to put it somewhere -
where would it put it? ram? hard drive in /tmp? it isn't feasable to
decrypt an entire mbox into ram - no one has the memory available on
modern hardware and putting it into /tmp defeats the whole purpose (even
putting it in ram defeats the whole purpose)


changing file-system permissions is sufficient for blocking out everyone
except root, encrypting doesn't block root. so what is the point? it's a
lot of extra processing for no added benefit (except a false sense of
security)

 

Explain to me how root can access encrypted content? If a file is 
encrypted using gpg, how can you read it without the passphrase?

root has access to memory (even gpg has to store the password in memory
while decrypting something) and root also has access to your private
keys.

so yes, they can decrypt it.


no, it is really trivial to do and in fact requires no more effort than
opening a file with vi :)

 


Can you expain, how to do this and not just metion that this is easy to do.

google is your friend :)

anyway, I consider this the end of this fun little conversation since
I'm not going to budge on my stance.

-- 
Jeffrey Stedfast
Evolution Hacker - Novell, Inc.
fejj ximian com  - www.novell.com

Attachment: smime.p7s
Description: S/MIME cryptographic signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]