Redstoner/redstoner.com
Archived
0
Fork 0
Code Issues Pull Requests 2 Wiki Activity

Added the ability to encrypt notification emails with a public key. #44

Merged
LogalDeveloper merged 6 commits from encrypted-emails-feature into master 2017-10-18 18:59:49 -04:00
Conversation 7 Commits 6 Files Changed 7 +43 -16
LogalDeveloper commented 2017-10-18 17:37:27 -04:00 (Migrated from github.com)
Copy Link

This pull request is intended to add the ability to encrypt notification emails with a public key. Here's what it changes:

  • Adds a public key field to the notification settings page.
  • Makes the mailer encrypt emails if the recipient has a public key added to their account.
This pull request is intended to add the ability to encrypt notification emails with a public key. Here's what it changes: - Adds a public key field to the notification settings page. - Makes the mailer encrypt emails if the recipient has a public key added to their account.
👍 1
Dico200 commented 2017-10-19 20:04:57 -04:00 (Migrated from github.com)
Copy Link

Why would someone use this?

Why would someone use this?
Minenash commented 2017-10-19 20:09:48 -04:00 (Migrated from github.com)
Copy Link

https://redstoner.com/forums/threads/5049-encrypted-emails

https://redstoner.com/forums/threads/5049-encrypted-emails
Dico200 commented 2017-10-19 20:16:19 -04:00 (Migrated from github.com)
Copy Link

I disagree with the addition of this feature, I think it has very little value to it. The way it's implemented on the email page also might confuse people that have no software/security background or experience, as it doesn't explain ... anything. The only thing there's to go on is "public key". It should be a bit more hidden, behind a button like "upload or change public key" with some additional information on the page or some "don't do this if you're not a nerd" disclaimer.

Next to no emails are sent unencrypted nowadays. Gmail requires SSL and in many cases TLS too (don't ask me for specifics), I can't imagine the same not applying to outlook. Redstoner doesn't share your password with you through email (obviously). What is it that you're protecting, and from whom?
What email clients support decrypting this additional layer of security anyway? Am I just uninformed? It doesn't make sense to me why this should exist.

For the record, I'm not going to fight you for adding this feature, but I wanted to leave my opinion here for you to reconsider its value.

I disagree with the addition of this feature, I think it has very little value to it. The way it's implemented on the email page also might confuse people that have no software/security background or experience, as it doesn't explain ... anything. The only thing there's to go on is "public key". It should be a bit more hidden, behind a button like "upload or change public key" with some additional information on the page or some "don't do this if you're not a nerd" disclaimer. Next to no emails are sent unencrypted nowadays. Gmail requires SSL and in many cases TLS too (don't ask me for specifics), I can't imagine the same not applying to outlook. Redstoner doesn't share your password with you through email (obviously). What is it that you're protecting, and from whom? What email clients support decrypting this additional layer of security anyway? Am I just uninformed? It doesn't make sense to me why this should exist. For the record, I'm not going to fight you for adding this feature, but I wanted to leave my opinion here for you to reconsider its value.
LogalDeveloper commented 2017-10-19 20:18:37 -04:00 (Migrated from github.com)
Copy Link

While most of the notifications you would receive would be public knowledge since you can browse most of the forums while not logged in, it is primarily a feature meant to increase privacy. We currently send our email through Google Mail, which is not well known for being the greatest in privacy and is very distrusted by some people. I am definitely one of those people. If you decide to have your emails encrypted, then Google will only ever see ciphertext which they can't collect any information on.

Of course, this is entirely an optional feature with no enforcement being put on, so for the majority of people who will not use this feature, it will not affect them at all and they will still receive email notifications like usual.

While most of the notifications you would receive would be public knowledge since you can browse most of the forums while not logged in, it is primarily a feature meant to increase privacy. We currently send our email through Google Mail, which is not well known for being the greatest in privacy and is very distrusted by some people. I am definitely one of those people. If you decide to have your emails encrypted, then Google will only ever see ciphertext which they can't collect any information on. Of course, this is entirely an optional feature with no enforcement being put on, so for the majority of people who will not use this feature, it will not affect them at all and they will still receive email notifications like usual.
Minenash commented 2017-10-19 20:20:26 -04:00 (Migrated from github.com)
Copy Link

All notification emails will be encrypted with this key if you supply it.

If you supply it.

Also clients like protonmail does the deception thing (I believe)

All notification emails will be encrypted with this key if you supply it. > If you supply it. Also clients like protonmail does the deception thing (I believe)
LogalDeveloper commented 2017-10-19 20:23:51 -04:00 (Migrated from github.com)
Copy Link

For people who use ProtonMail, this feature is actually a great addition since all you have to do is supply your public key and you have increased your privacy without changing any experiences on our forums or on the ProtonMail client.

For people who use ProtonMail, this feature is actually a great addition since all you have to do is supply your public key and you have increased your privacy without changing any experiences on our forums or on the ProtonMail client.
Pepich commented 2017-10-19 23:24:11 -04:00 (Migrated from github.com)
Copy Link

It was requested by me due to the fact that this should be a thing everywhere. Are you 100% that every step in the chain of sending your mail happens by trusted sources on encrypted channels? You send your mail to google through an https webform or a mail client (hopefully) using a secure communication method - but you have no clue about where that mail goes, who sees it and who tampers with it. Sure you trust your email providers to not give out your mails unless law enforcement asks them to, and to use secure protocols exclusively - but it‘s still a trust based system. I don‘t like trust based systems. When there is a solution that no longer requires trusting others to do it right, which is free, easy to implement, easy to use and provides security where it was before only based on assumptions and trust - which reasons are there not to use it? From my experience it was as simple as installing the pgp plugin to my mac os mail client. No fancy client required. One simple plugin and it automatically signs and if there‘s a known key for the recipient then encrypts the mails, as well as decrypts incoming traffic. Same on my phone (even though here done through a 3rd party application) - decrypting mails is as simple as providing my touch ID. There‘s nothing hard to use to it. There‘s literally no downside to this except you having no excuse anymore when someone receives a mail from you but you claim it wasn‘t sent by you. Either it‘s signed or it isn‘t. Encrypting your mails should be made available as broadly as possible. Don‘t build trust based systems when you don‘t have to.

It was requested by me due to the fact that this should be a thing everywhere. Are you 100% that every step in the chain of sending your mail happens by trusted sources on encrypted channels? You send your mail to google through an https webform or a mail client (hopefully) using a secure communication method - but you have no clue about where that mail goes, who sees it and who tampers with it. Sure you trust your email providers to not give out your mails unless law enforcement asks them to, and to use secure protocols exclusively - but it‘s still a trust based system. I don‘t like trust based systems. When there is a solution that no longer requires trusting others to do it right, which is free, easy to implement, easy to use and provides security where it was before only based on assumptions and trust - which reasons are there not to use it? From my experience it was as simple as installing the pgp plugin to my mac os mail client. No fancy client required. One simple plugin and it automatically signs and if there‘s a known key for the recipient then encrypts the mails, as well as decrypts incoming traffic. Same on my phone (even though here done through a 3rd party application) - decrypting mails is as simple as providing my touch ID. There‘s nothing hard to use to it. There‘s literally no downside to this except you having no excuse anymore when someone receives a mail from you but you claim it wasn‘t sent by you. Either it‘s signed or it isn‘t. Encrypting your mails should be made available as broadly as possible. Don‘t build trust based systems when you don‘t have to.
👍 1
This repo is archived. You cannot comment on pull requests.
Reviewers
No Reviewers
Labels
Clear labels
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
No Label enhancement
Milestone
No items
No Milestone
Assignees
Clear assignees
LogalDeveloper
No Assignees
1 Participants
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Redstoner/redstoner.com#44
Delete Branch "encrypted-emails-feature"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?