[kmail2] [Bug 329546] New: open validly signed emails only
hauke at laging.de
Fri Jan 3 01:33:58 GMT 2014
Bug ID: 329546
Summary: open validly signed emails only
Platform: openSUSE RPMs
Assignee: kdepim-bugs at kde.org
Reporter: hauke at laging.de
Email is an important attack vector. Now, in the post-Snowden era, when we are
all discussing how to make computers more secure, I think it's time to make
crypto more useful.
On high security level systems it should be possible to disable the handling of
such emails completely (OK except for showing the header data which isn't
signed anyway) which do not have a valid PGP/MIME signature by a key which has
been explicitly marked trustworthy for this security level (no matter if the
email is encrypted or not). This may be done by creating a separate keyring and
calling gpg with --no-default-keyring or by checking the normal gpg result against
a fingerprint whitelist.
Instead of the mail content, a message should be shown, like "The KMail configuration requires
all emails to be signed by a key from the secure keys list. This email is not
opened because it lacks a valid signature / has a correct signature but from a
key which is not on the secure keys list."
Such a configuration probably makes sense only as a global option. But it may
make sense to have a secure keys list per mailbox.
This may be a nice feature from the admin perspective (even more if the user
cannot disable it and cannot modify the secure keys list) because it limits the
user's possibilities to make mistakes. These signatures could also be made by
antivirus software so this feature could as a side effect ensure that only such
email is read which has been checked.
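An added example, not part of the original report and not KMail code: one way to implement the two checks the report proposes, verifying against a dedicated keyring with `--no-default-keyring` and comparing the result to a fingerprint allowlist. The function names, the sample fingerprint and the sample status lines are assumptions constructed for illustration.

```python
import subprocess

# Constructed fingerprint and status output; not taken from a real key.
FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
SAMPLE_GOOD = f"""[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Constructed Sender <sender@example.org>
[GNUPG:] VALIDSIG {FPR} 2014-01-03 1388712838 0 4 0 1 8 00 {FPR}
"""
SAMPLE_BAD = "[GNUPG:] BADSIG 89ABCDEF01234567 Constructed Sender\n"

# Status keywords that must always block the mail, whatever else is reported.
REJECT = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}

def gpg_status(sig_path, data_path, keyring):
    """Verify a detached signature using only the dedicated keyring file."""
    cmd = ["gpg", "--batch", "--no-default-keyring", "--keyring", keyring,
           "--status-fd", "1", "--verify", sig_path, data_path]
    return subprocess.run(cmd, stdout=subprocess.PIPE,
                          stderr=subprocess.DEVNULL, text=True).stdout

def decide(status_text, secure_fprs):
    """Return (open_allowed, reason) for one mail; fails closed."""
    allow = {f.replace(" ", "").upper() for f in secure_fprs}
    signers = []
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue
        keyword, args = fields[1], fields[2:]
        if keyword in REJECT:
            return False, "lacks a valid signature"
        if keyword == "VALIDSIG" and args:
            # Tenth argument is the primary key fingerprint when gpg reports
            # it; otherwise fall back to the signing key fingerprint.
            signers.append((args[9] if len(args) >= 10 else args[0]).upper())
    if len(signers) != 1:  # none, or several signatures: do not guess
        return False, "lacks a valid signature"
    if signers[0] not in allow:
        return False, "correct signature, but key not on the secure keys list"
    return True, "signed by a key on the secure keys list"
```

For PGP/MIME, `gpg_status` has to be given the signed body part exactly as transmitted together with the detached signature part; the decision is based on the full fingerprint from `VALIDSIG`, never on the key ID or user ID shown in `GOODSIG`.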