[kmail2] [Bug 28261] Option to store decrypted GPG email unencrypted locally.

[Juha Tuomala]

https://bugs.kde.org/show_bug.cgi?id=28261

--- Comment #26 from Juha Tuomala <tuju at iki.fi> ---
Actually - this is more important than one might understand at first look.

Apart from some big countries like USA, goverment issued personal ID's are
quite often equipped with X.509 certificates and it's not that far that you
could encrpyt your messages using PKI keys. PKI makes it a whole lot easier as
you don't need to worry how the recipient gets his/her certificate.

That said, all personal ID based certificates employ some sort of HSM (hardware
security module, a smartcard chip) which means, that owner, or not even the
issuer can't get private keys out of the card - those public key pairs are
generated on the chip. This leads to the conlusion, that even the PKI cards
solve the key distribution problem and lower the bar to encrpyt your emails
using it, they create a long term problem, that recipient cannot open his/her
own messages once the certificates become outdated/invalid - typically in five
or so years.

Hence it would be very important to have a generic method to strip whatever
encryption from incoming messages for long term archiving/saving. The same
applies more or less to PGP/GPG keys, you can always loose them. Not sure if
the 'best before' date applies there as well. I think it does.

-- 
You are receiving this mail because:
You are the assignee for the bug.