Closed ddavness closed 4 years ago
Here's a mockup of the front-end :)
Currently using gpgme
's Python bindings to handle this. Documentation (for easy reference):
https://github.com/gpg/gpgme/tree/master/lang/python/doc/src
So now we kind of have a problem here: The Mail-in-a-Box daemon runs in an isolated python interpreter, so installing the python3-gpg
package will not work here. We kinda have two/three alternatives:
gpg
package via the deamon's pip
- this is not ideal because we will have to compile the bindings, and as such install build dependencies (the gpgme
headers and swig
, gcc
, etc.), but it's the quickest way to get it to "work"Alright, at this point:
Stuff we still need to do:
Whew we're getting close
We now have a nice little section in the status checks. This will warn us of expired, about-to-expire, or revoked keys.
The daemon's key expires 180 days after it's creation, and is regularly renewed (for 180 days), when there are 14 days or less left.
For this PR, we'll only grab the daemon's key and use it to sign internal mail. Other features will be implemented separately.
Holding this for a while as I'm currently preparing a fork of the Enigma plugin for Roundcube - which will allow us to verify signatures directly in Roundcube :eyes:
ddavness/roundcube-enigma-plugin-globalkeyring (I might try doing a PR to the main repo one day, but probably not anytime soon)
Alright, we're not going forward with this path as it's quite a mess (we need to handle three gpg contexts) - we might aswell just implement WKD into enigma.
This will allow us to configure a PGP keyring for the daemon to use. Possible use-cases: