-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 15 May 2018, Gandalf Corvotempesta wrote:
I was looking at protonmail.com Is possible to implement and end-to-end encryption with dovecot, where server-side there is no private key to decrypt messages?
Maybe the term "end-to-end encryption" has changed, but usually that means that clients are the "end". Hence, there are no keys on the server. There are some approaches to automatic key discovery and hosting with GnuPG's WKD / WKS.
If I understood properly, on protonmail the private key is encrypted with user's password, so that only an user is able to decrypt the mailbox.
When the encryption takes place on the server, the server admin is able to tinker the process, hence, this is no end-to-end. But, read Aki's fine answer about this.
- -- Steffen Kaiser
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBWvvNJcQnQQNheMxiAQKGvggAmTSJypn1AnTbarajkEoTWw3q3ciBjDFP Ivv7ENlbXLVVEurx+KWCvP/eO3OnMunUKQjBcTqc9q4fuaDD8GK8CssP1I31oi1i FC4FPOU2U3WGlOjGmgCUsAJuQpdO3kyy28UGWZgmWLFOqDrGtBh3xEGJxOpxI3MH w1Sqhig9M//CBVT+cT5+jcQy2YxuHJODFQj0rhimdRXmK+xSsQioxlUrKpXihw1U n594pw9ogXkZPm5MoEsOahtqxwtXtWbzUqnQZiq3mPDWTtHj0YsSz2HoSAix8oJ/ mGOazhZwLTKYyRLjjTfzmKtT6XMvuHINqXIcrG78t7L9bJwIjdfpnQ== =VBMS -----END PGP SIGNATURE-----
