Hello,
Since 7.300 we have the encryption free for use and I think it would be very useful. For internal users, i t is possible to upload or generate a PGP key pair. The private key must not have a passphrase to get it working. Right now that is the only way to do it, because the ASG would not know the passphrase to use the secured key. Now I really do not want to use a new key pair, but use my already established keys. And they definitely have a password.
Now I am not a security expert and do not know all implications, but my idea was that the internal users keys would be better suited for the end user portal. At least the users could get a screen to upload their keys and Provide the passphrase. If some users do not upload a key, some admin defined "corporate key" may be used to sign mails. I am not sure if storing passphrases on the ASG will be a good idea, but storing unsecured private keys isn't either. Perhaps someone would have to think about the details for a feature like that.
Regards,
Uli Wolf
This thread was automatically locked due to age.
