  1. Moodle
  2. MDL-69272

End-to-end encryption of outgoing e-mails with gpg, public key as user profile field


    Details

    • Affected Branches:
      MOODLE_35_STABLE, MOODLE_37_STABLE, MOODLE_38_STABLE, MOODLE_39_STABLE

      Description

      Problem

      Messaging and notification in the most common configurations are causing e-mails to be sent to users. These e-mails may contain personal data and should therefore be protected by encryption. But currently there is no way to have end-to-end encryption; transport encryption cannot be assured.

      Requirements

      gpg2 has to be installed on server.

      Possible solution

      1. In an additional user profile field users can upload their public gpg-key related to their main e-mail address.
        In a second additional user profile field users can switch end-to-end encryption on or off.
      2. The uploaded public gpg-key has to be imported to public keyring or a private keyring on server.
      3. Whenever the cronjob triggers e-mail to be sent, it checks whether the user switched end-to-end encryption on and checks whether a proper public key for receiving user is in keyring.
      4. If end-to-end encryption is turned off by user, e-mail is being sent unencrypted.
      5. Else if there is no proper public key, user gets unencrypted email with error message. Error has to be logged.
      6. Else if there is a proper public key in the keyring, e-mail is encrypted with PGP/MIME before being sent. As key will be untrusted, flag "--always-trust" will be needed with gpg.

      Solutions integrated in PHPMailer
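
      The decision flow of steps 3 to 6 under "Possible solution", sketched in Python as an added example (not part of the issue, and not Moodle or PHPMailer code). `HOMEDIR`, the `user` dictionary and all function names are assumptions; step 5 is read here as delivering the original text with a notice prepended, and the key is addressed by fingerprint so that `--always-trust` cannot pick another key carrying the same address.

```python
import subprocess
from email.encoders import encode_7or8bit
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

HOMEDIR = "/var/lib/moodle-gpg"  # assumed path: keyring holding only user-uploaded keys

def gpg(args, data=b""):
    cmd = ["gpg", "--homedir", HOMEDIR, "--batch", "--no-tty", *args]
    return subprocess.run(cmd, input=data, capture_output=True, check=True).stdout

def pick_fingerprint(colons):
    """Primary-key fingerprint if exactly one non-expired, non-revoked key matched."""
    found, usable = [], False
    for rec in (line.split(":") for line in colons.splitlines()):
        if rec[0] == "pub":
            usable = rec[1] not in ("e", "r", "i")  # expired, revoked, invalid
        elif rec[0] == "fpr" and usable:
            found.append(rec[9])
            usable = False  # skip the subkey fingerprints that follow
    return found[0] if len(found) == 1 else None

def find_key(email):
    try:
        listing = gpg(["--with-colons", "--list-keys", f"<{email}>"])
    except (OSError, subprocess.CalledProcessError):
        return None  # gpg exits non-zero when nothing matches
    return pick_fingerprint(listing.decode())

def gpg_encrypt(data, fpr):
    # Recipient is the fingerprint found above, never the raw e-mail address.
    return gpg(["--armor", "--always-trust", "--recipient", fpr, "--encrypt"], data)

def build_mail(user, subject, body, find_key=find_key, encrypt=gpg_encrypt, log=print):
    """Steps 3-6: return (mode, message) for one outgoing notification."""
    fpr = find_key(user["email"]) if user["e2e"] else None
    if user["e2e"] and fpr is None:  # step 5: log, then fall back with a notice
        log(f"e2e requested but no usable key for {user['email']}")
        body = "[Not encrypted: no usable public key on file.]\n\n" + body
    inner = MIMEText(body, "plain", "utf-8")
    if fpr is None:  # steps 4 and 5
        mode, msg = "plain", inner
    else:  # step 6: RFC 3156 multipart/encrypted wrapper
        mode, msg = "pgp-mime", MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
        msg.attach(MIMEApplication(b"Version: 1\n", "pgp-encrypted", encode_7or8bit))
        msg.attach(MIMEApplication(encrypt(inner.as_bytes(), fpr), "octet-stream", encode_7or8bit))
    msg["To"], msg["Subject"] = user["email"], subject
    return mode, msg
```

      `pick_fingerprint` returns nothing when the address matches more than one key, so an ambiguous keyring falls through to step 5 instead of encrypting to an arbitrary key.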

       


            People

            Assignee:
            Unassigned
            Reporter:
            mputzlocher Martin Putzlocher
            Participants:
            Component watchers:
            Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze, Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona)