Lacre
/
lacre_pages
5
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Compare commits

base: Lacre:e7435f6929e1408c9885d162bfbbfdb88c20c195
Branches Tags
Lacre:main
Lacre:external_link
Lacre:layout_improvments
Lacre:ant_dev
Lacre:0.1
...
compare: Lacre:c9ede3eb69186962c1b880883d071abcb9569ef3
Branches Tags
Lacre:main
Lacre:external_link
Lacre:layout_improvments
Lacre:ant_dev
Lacre:0.1

3 Commits
e7435f6929 ... c9ede3eb69

Author SHA1 Message Date
meaz c9ede3eb69 Merge pull request 'update texts' (#4) from update_texts into main 
Reviewed-on: #4
 2023-09-12 14:23:28 +00:00
meaz 6502ef517e
udpate texts 2023-09-04 15:04:24 +02:00
meaz 1103155220
remove unused pages 2023-09-04 15:04:17 +02:00
6 changed files with 10 additions and 32 deletions
Show Stats Expand all files Collapse all files

6
01.home/_about/2col.en.md
View File

@ -1,6 +0,0 @@
---
title: About
wider_column: left
---
Some text about Lacre

4
01.home/_about/2col.md
View File

@ -5,13 +5,13 @@ rightcol: three
ribbon: left
---
### Lacre is an open source solution to email encryption at rest.
### Lacre is an open source solution to email encryption.
Lacre provides a transparent multiplatform solution to secure all incoming emails. It is based on existing cryptographic standards.
By utilizing the well-known and established PGP protocol, it is compatible with many modern client software. This makes Lacre client software agnostic and vendor lock free.
By utilizing the well-known and established PGP protocol, it is compatible with many modern client softwares. This makes Lacre client software agnostic and vendor lock free.
---

4
01.home/_about2/2col.md
View File

@ -11,6 +11,6 @@ ribbon: right
---
Lacre software provides end-to-end encryption of emails at rest (i.e. when it hits your mailbox) by not storing any private keys on the server. This makes it impossible to decrypt your data without the users device.
For users: Lacre software provides end-to-end encryption of emails at rest (i.e. when it hits your mailbox) by not storing any private keys on the server. This makes it impossible to decrypt your data without the users key.
Lacre is pluggable. Working as a postfix filter, Lacre does not require an in-house SMTP server solution, but provides seamless integration into your existing infrastructure.
For admin: Lacre is pluggable. Working as a postfix filter, Lacre does not require an in-house SMTP server solution, but provides seamless integration into your existing infrastructure.

13
01.home/modular.en.md
View File

@ -1,13 +0,0 @@
---
title: Lacre
content:
items: '@self.modular'
order:
by: default
dir: asc
custom:
- _about
menu: home
onpage_menu: true
---

5
02.faq/_faq/2col.md
View File

@ -9,7 +9,6 @@ ribbon: right
## How does it work?
From server perspective, Lacre works as a postfix (SMTP server) filter. All incoming emails are passed to the flter that then checks whether a GPG key is present in the database for given recipient. If key is present, email is being enrypted with the public key of the recipient and passed to further to IMAP server that then saves it on to the mailbox. If incoming email is already encrypted or recipient key is missing, Lacre does nothing and forwards the email to IMAP server.
From user perspective. In order to encrypt the mailbox, the user must generate a PGP encryption key pair. That set of keys consists of a private key used to decrypt emails and a public key, which is widely shared with anyone and it is used to encrypt emails addressed to the user. Lacre requires only the public key. This key is then used against all incoming emails addressed to the user to encrypt emails. Users can decrypt and read the emails only if they have has access to the private key. This means they must use a pgp enabled email client and needs to have their private key presents on the device. Without the key it is practically impossible to obtain the content of the email.
From user perspective. In order to encrypt the mailbox, user must generate PGP encryption key pair. That set of keys consists of a private key used to decrypt emails and public key, which is widely shared with anyone and it is used to encrypt emails addressed to the user. Lacre requires only public key. This key is then used against all incoming emails addressed to the user to encrypt emails. User can decrypt and read the emails only if he has access to the private key. This means he must use pgp enabled email cient and needs to have the private key present on the device. Without the key it is practically impossible to obtain the content of the email.
From server perspective, Lacre works as a postfix (SMTP server) filter. All incoming emails are passed to the filter that then checks whether a GPG key is present in the database for a given recipient. If a key is present, the email is being encrypted with the recipient's public key and transmitted to the IMAP server that then saves it on to the mailbox. If the incoming email is already encrypted or the recipient key is missing, Lacre does nothing and forwards the email to the IMAP server.

10
02.faq/_faq1/2col.md
View File

@ -5,12 +5,10 @@ rightcol: zero
ribbon: bottom
---
## what are known Issues and limitations?
## What are known Issues and limitations?
There is no such thing as 100% safe and secure solution and anyone claiming otherwise is just laying. Lacre isnt “golden solution” and does come with some drawbacks. While it does protect emails at rest (those that have been recieved and encrypted with lacre), it does not fully protect emails in transit. Unless email is end-to-end encrypted between both sender and recipient, there is a brief moment between plain text email arriving to the server and when Lacre does its job to secure it. This applies to all encrypted email solutions outthere btw. even if they dont tell you that. That means emails could be potentially intercepted in realtime. This is why trusting your mail service provider is important!
There is no such thing as 100% safe and secure solution and anyone claiming otherwise is just laying. Lacre isnt a "silver bullet" and does come with some drawbacks. While it does protect emails at rest (those that have been recieved received and encrypted with Lacre), it does not fully protect emails in transit. Unless email is end-to-end encrypted between both sender and recipient, there is a brief moment between when plain text email arrives to the server and when Lacre does its job to secure it. This applies to all encrypted email solutions outthere by the way. Even if they dont tell you that. That means emails could potentially be intercepted in realtime. This is why trusting your mail service provider is important!
Lacre does not protect your metadata. Email is a service that exchanges a lot of metadata. Depending on your service provider, you might be sharing a lot of data with others including your IP address, mail client software used, time of sending, subject, recipient, etc. In order to keep to standards, not all of that information is and can be encrypted. Currently Lacre does take care of subject encryption and we are looking for possibilities to encrypt all possible metadata. Although from a software perspective this could be achieved by Lacre already, it all depends on email client software and what the gold standard is. We hope in the future that more and more metadata will be covered by Lacre.
Lacre does not protect your metadata. Email is a service that exchange a lot of metadata. Depending on your service provider, you might be sharing a lot of data with others including your IP address, mail client software used, time of sending, topic, to whom email was sent etc. In order to keep to standards, not all of that information is and can be encrypted. Currently Lacre does take care of topic encryption and we are looking for possibilities to encrypt all possible metadata. Although from software perspective this could be achieved by Lacre already now, it all depends on email client software and what is the golden standard. We hope in the future more and more metadata will be covered by Lacre.
GPG requires your private key to be able to decrypt emails. If you loose your key you loose access to the encrypted emails with that key. That means you wont be able to decrypt emails that are already encrypted. Lacre does give you the possibility to reset your configuration on the server by removing the key or uploading a new one, but that change applies only to the future emails. This also provides drawback when it comes to forward secrecy which Lacre odes not provide. This means that if your key becomes compromised, all part communication using that key will be decryptable.
Warning: GPG requires your private key to be able to decrypt emails. If you lose your key you lose access to the encrypted emails with that key. That means you wont be able to decrypt emails that are already encrypted. Lacre does give you the possibility to reset your configuration on the server by removing the key or uploading a new one, but that change applies only to the future emails. This is also a drawback when it comes to forward secrecy, which Lacre odes does not provide. This means that if your key becomes compromised, all past communication using that key will be decryptable.