Re: [Evolution-hackers] Developing a new protected message complement



Am Mittwoch 02 April 2014, um 19:00:33 schrieb Matthew Barnes:
On Tue, 2014-04-01 at 11:02 -0430, BECERRA Silvana M SIDOR wrote:
[...] 
However, to try to clarify a bit, what we mean by "protected Email" is
that when reply/forward (inline mode) a "protected message" we're
allow to write our response but we should not be able to modify the
text of none of the old messages. Additionally, although not commented
before, the message should also include custom field in the header
that consolidates date, from, to, of all old messages in an orderly
manner.

For that kind of "protection" to have any real meaning, all messages
should be cryptographically signed by their author and attached in full
to all replies and forwards.  An Evolution extension could conceivably
enforce that.
[...] 
Cryptographically signing each message with a public key or a trusted
certificate is really the only way to ensure previous messages are not
altered.

Might be obvoius: When replying to a message protected that way,
the signature for that message should include all attached messages
which came with the message replied to. That way, some verifyable "signing
chain" would be created. In case of multiple replies to a single
message, i.e. a thread, the signature chain becomes a tree (which is
verifyable nonetheless).

2 cent,

        Christian

-- 
kernel concepts GmbH       Tel: +49-271-771091-11
Sieghuetter Hauptweg 48
D-57072 Siegen
http://www.kernelconcepts.de/

Attachment: signature.asc
Description: This is a digitally signed message part.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]