Skip to content

OpenPGP

Jump to bottom Edit New page
the-djmaze edited this page Feb 9, 2022 · 7 revisions

When OpenPGP is enabled by admin, you will have options to encrypt, decrypt, sign and verify messages.

These can be achieved with: Mailvelope, OpenPGP.js and GnuPG. Difference is that GnuPG runs on the server and the others in your browser.

Sign

Signing a message requires the passphrase of your private key. For safety the system will first check if it is possible with OpenPGP.js else GnuPG.

OpenPGP.js

  1. Sign only text/html
  2. Not the attachments
  3. Done in browser so that server doesn't need your passphrase
  4. This primary choice

GnuPG

  1. Sign everything
  2. Done on server, passphrase less secure as it is transmitted
  3. This is secondary choice

Mailvelope

Not possible

Encrypt

Encrypting a message doesn't need a passphrase, because that is done with public keys. The system will first try GnuPG else OpenPGP.js.

GnuPG

  1. Encrypt everything
  2. Done on server, send to server unencrypted
  3. This is primary choice

OpenPGP.js

  1. Encrypt only text/html
  2. Not the attachments
  3. Done in browser, so send to server encrypted
  4. This is secondary choice

Mailvelope

Use the special button in compose window to activate.

  1. Encrypt only text & attachments
  2. HTML not possible
  3. Done in browser, so send to server encrypted
  4. This is secondary choice
Add a custom footer
Add a custom sidebar
Clone this wiki locally