Hi Henkas, thanks, I would second that. We are an international organization, and have a 100% internal email encryption policy. We use roundcube with the enigma plugin, but would like to see a web PIM client with better integration of address books, and calendars, _and_ gpg support. So right now, we use sogo only for address books, and calendars, but not for emails.
GPG support has been discusse before, e.g. https://lists.inverse.ca/sogo/arc/users/2017-08/msg00048.html I remember also older threads with the argument, that GPG end-to-end encryption doesn't make any sense for a webmail. While fundamentally true, I think the following aspects should be considered: 1) protonmail, mailfence, and others decrypt/encrypt in the client with the provided password by the user. While the code comes from the webserver (and could be tampered with), by default the server is never able to read the encrypted message. 2) I think the overall security improves. Security-aware organizations/companies will most likely use a gpg-enabled mailclient like Thunderbird, Outlook, etc for standard email encryption. However, sometimes there are situations in which that doesn't work (e.g. mailclient has problems, staff needs to access mails from their smartphone, or home computer, consultants working for the org don't get a laptop, but have to use their own device, etc). Of course some of that is yet another security issue (e.g. home computer, smartphone use). However, staff needs to be reachable easily, and the office laptop is not always avaiable. As long as staff cannot reliably read & respond to encrypted messages at any time, much less messages (or after some time no messages) will be encrypted,because there is no guarantee that the recipient can easily read it, or read it at all. GPG enabled webmail encryption can make sense in a secured (self-hosted) environment, and does overall improve security, because it facilitates/enables email encryption as standard procedure. On Sun, Jan 26, 2020 at 7:56 PM Henkas <[email protected]> wrote: > Hi, > > > I was wondering if it's possible / planned to implement support for PGP > signing/encrypting of emails? > > Also, I have noticed, when I send a PGP signed email with Thunderbird, > it displays as red "Digital signature is not valid" in the SOGo webmail. > Is that intentional or a bug? > > Is it possible to save the public key of a contact to the address book > and get the key "verified" this way? > > > Thanks, and sorry if I made stupid questions, I'm still quite new to > self hosting my email and signing/encrypting emails :D > > > Best regards, > > henkas > > Email Signature > -- [email protected] https://inverse.ca/sogo/lists
