Type: New Feature
Affects Version/s: 3.5.13, 3.7.7, 3.8.4, 3.9.1
Fix Version/s: None
Affected Branches:MOODLE_35_STABLE, MOODLE_37_STABLE, MOODLE_38_STABLE, MOODLE_39_STABLE
Messaging and notification in the most common configurations are causing e-mails to be sent to users. These e-mails may contain personal data and should therefore be protected by encryption. But currently there is no way to have end-to-end encryption; transport encryption cannot be assured.
gpg2 hast to be installed on server.
- In an additional user profile field users can upload their public gpg-key related to their main e-mail adress.
In a second additional user profile field users can switch end-to-end enryption on or off.
- The uploaded public gpg-key has to be imported to public keyring or a private keyring on server.
- Whenever the cronjob triggers e-mail to be sent, it checks whether the user switched end-to-end encrpytion on and checks whether a proper public key for receiving user is in keyring.
- If end-to-end encryption is turned off by user, e-mail is being sent unencrypted.
- Else if there is no proper public key, user gets unencrypted email with error message. Error has to be logged.
- Else if there is a proper public key in the keyring, e-mail is enrypted with PGP/MIME before being sent. As key will be untrusted, flag "--always-trust" will be needed with gpg.
- For PHPMailer there exists a PGP-Wrapper-class written by ravisorg 5 years ago.