diff options
Diffstat (limited to 'plugins/enigma/README')
-rw-r--r-- | plugins/enigma/README | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/plugins/enigma/README b/plugins/enigma/README new file mode 100644 index 000000000..0566069ff --- /dev/null +++ b/plugins/enigma/README @@ -0,0 +1,66 @@ +Enigma Plugin for Roundcube + +This plugin adds support for viewing and sending of signed and encrypted +messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format. + +The plugin uses gpg binary on the server and stores all keys +(including private keys of the users) on the server. +Encryption/decryption is done server-side. So, this plugin +is for users that trust the server. + +WARNING! The plugin is in very early state. See below for a list +of missing features and known issues. + + +Implemented features: +--------------------- ++ PGP: signatures verification ++ PGP: messages decryption ++ PGP: Sending of encrypted/signed messages ++ PGP: keys management UI (keys import and delete) ++ Handling of PGP keys attached to incoming messages ++ User preferences to disable plugin features + +TODO (must have): +----------------- +- Keys export to file +- Disable Reply/Forward options when viewing encrypted messages + until they are decrypted successfully +- Handling of replying/forwarding of encrypted/signed messages +- Client-side keys generation (with OpenPGP.js?) + +TODO (later): +------------- +- Handling of big messages with temp files +- Server-side keys generation (warning: no-entropy issue, max_execution_time issue) +- Key info in contact details page (optional) +- Extended key management: + - disable, + - revoke, + - change expiration date, change passphrase, add photo, + - manage user IDs +- Generate revocation certs +- Search filter to see invalid/expired keys +- Key server(s) support (search, import, upload, refresh) +- Attaching public keys to email +- Mark keys as trusted/untrasted, display appropriate message in verify/decrypt status +- Change attachment icon on messages list for encrypted messages (like vcard_attachment plugin does) +- Support for multi-server installations (store keys in sql database?) +- Per-Identity settings (including keys/certs) +- Performance improvements: + - cache decrypted message key id so we can skip decryption if we have no password in session + - cache (last or successful only?) sig verification status to not verify on every msg preview (optional) +- S/MIME: Certs generation +- S/MIME: Certs management +- S/MIME: signed messages verification +- S/MIME: encrypted messages decryption +- S/MIME: Sending signed/encrypted messages +- S/MIME: Handling of certs attached to incoming messages +- S/MIME: Certificate info in Contacts details page (optional) + +Known issues: +------------- +1. There are Crypt_GPG issues when using gnupg >= 2.0 + - http://pear.php.net/bugs/bug.php?id=19914 + - http://pear.php.net/bugs/bug.php?id=20453 + - http://pear.php.net/bugs/bug.php?id=20527 |