Changes between Version 23 and Version 24 of AnnouncerPlugin/MessageEncryption

Aug 24, 2015, 12:32:47 PM (7 years ago)

Cosmetic changes, updated link


  • AnnouncerPlugin/MessageEncryption

    v23 v24  
    1 = Announcer cryptographic capabilities =
    21[[PageOutline(2-4,page content)]]
     3= Announcer cryptographic capabilities
    35This page documents the effort to add optional encryption for AnnouncerPlugin email messages using GnuPG.
    46See #6773 for the corresponding ticket asking for this enhancement and [wiki:CryptoPlugin CryptoPlugin] for the future of this development.
    6 == Why ==
     8== Why
    710Let's see how cryptography could help with Trac announcements.
    1215Signing emails will help recipients to be sure, that they got unaltered content and got it from you. Encrypting emails will help to distribute announcements to external recipients as freely as to recipients inside without concerns on discretion.
    14 == How (proposed implementation) ==
     17== How (proposed implementation)
    1519It might help a lot to have a closer look at [t:wiki:TracDev/Announcer internal structure and event flow] of AnnouncerPlugin. Where to kick in is of course an essential decision. Since it's not only about mangle the message body (one of the earlier assumptions that all turned out to reach not far enough), there is not a single point but a bunch of changes needed to get cryptographic operations working.
    1923''Update:'' I've thought a lot about the aforementioned approach and found it far to narrow. So a major re-design is on the way now. Cryptographically operations will be completely moved into a dedicated stack of python scripts: CryptoPlugin, that provides universal, reusable methods for certificate and key management and beyond announcement email content.
    21 === !AnnouncerEmailEncryption ===
     25=== !AnnouncerEmailEncryption
    2227To get !AnnouncerEmailEncryption up and working you'll have to take the following steps:
    23  1. install GnuPG on the same host along with Trac[[BR]]
     28 1. Install GnuPG on the same host along with Trac[[BR]]
    2429  For Debian GNU/Linux a simple
    2833 will do.
    29  2. install `python-gnupg`
    30   Currently there is no Debian package available. Install from source of [ project site] is preferred. So we get a mature and actively maintained Python interface to GnuPG.
    31  3. configure !AnnouncerEmailEncryption in the !`[announcer]` section of `trac.ini` for the given Trac environment
     34 2. Install `python-gnupg`
     35  Currently there is no Debian package available. Install from source of [ project site] is preferred. So we get a mature and actively maintained Python interface to GnuPG.
     36 3. Configure !AnnouncerEmailEncryption in the !`[announcer]` section of `trac.ini` for the given Trac environment
    3338  ||'''available option''' ||'''value''' ||'''default''' ||'''note''' ||
    6166Beware, that 4 and 5 is not fully covered by current development code. So this is subject to change a lot, before a public release. As with current code for AnnouncerPlugin there'll be DEBUG logging embedded into all operations mentioned above.
    63 === Q&A ===
     68=== Q&A
    6470[FIXME: add more Q+A here to help with code design evaluation and code review] 
    6571 ?: ''Is it true that different users will have different keys?  If so, we can add configuration to the user's preference page.  We could have a big textbox for GPG key and if they have one entered, then use encryption.
    7985  ||missing pubkey ||fingerprint in user settings but no corresponding key in pubkeyring file ||delete recipient from recipient list of event in delivery, create new event with info "specified pubkey not in Tracs keyring" to be sent to this user and project admin ||
     87== Beyond current development scope
    82 == Beyond current development scope ==
    8389There is a [t:wiki:TracDev/Proposals/Announcer proposal] to replace current Trac Notification system with AnnouncerPlugin. This will make the effort for a really clean solution even more urgent.
    8591Consider [ cryptography related features] for EmailtoTracScript ([ current home outside of Tack-Hacks]). It could be interesting i.e. to allow only e-mails with valid signature from known senders to pass, fighting spam at another level.
    87 === Development traces (history) ===
     93=== Development traces (history)
    8895This is kept for reference and personal attitude to preserve historical notes.
    8996 1. step: add some code to make encryption just work '''done'''[[BR]]
    110117 3. step: extend web_ui of AnnouncerPlugin to remote-control new options from user and/or administration settings - ''canceled, as this is largely unrelated to this plugins core business''
    112 == Resources (for ideas and code) ==
     119== Resources (for ideas and code)
    113121 * Python e-mail test server
    114122 * How Django, another Python based system handles e-mail-encryption with [ django-email-extras] ([ browse the code])