Decission - Allow key upload only from set of domains? #40
Labels
No Label
ANSIBLE
BUG
CODE
DEVELOPMENT
DOCUMENTATION
FEEDBACK
FIX
HOWTOs
IDEA
INFRA
ISSUE
MAILSERVER
TESTS
To-Be-Reviewed
WEB
WEBSITE
No Milestone
3 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Disroot/gpg-lacre#40
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Currently you can upload keys from any domain you wish. As long as you manage to verify that you own the email address through verification mail sent uplon upload of the key. Perhaps for the scope of the project we should have an option to limit amount of domains you can submit keys from.
Generally I would allow only domains that are tight to the mail server, so basically give only the users of the server the possibility to upload keys.
What would be cons and pros of both solutions?
Pros would be:
Cons:
Comming to think of it, now when wrote it down, perhaps that feature would be more useful then I initially thought :). Uploading your key to the server even if you aren't on it, would guarantee all emails originating from the server and addressed to you to be encrypted.
After few days of thinking about it I came to conclusion leaving it as is is good idea. Since key upload needs to be verified it means you can't really abuse it. In later stage we should perhaps introduce preventing key uploads from non-permitted list of domains as an option in the web interface. Additionally once we have roundcube plugin for upload of keys one could simply disable web interface which means only roundcube user could submit the keys and therefor only authenticated users could submit keys only to their email addresses.
Conclusion from the 2022-01-10 meeting: perhaps a configuration option would be a solution? Administrators would decide whether they want to limit domains or not.
issue created on FE repo Lacre/lacre-web#4