New Feature
Resolution: Deferred
Minor
None
3.5.13, 3.7.7, 3.8.4, 3.9.1, 4.2
MOODLE_35_STABLE, MOODLE_37_STABLE, MOODLE_38_STABLE, MOODLE_39_STABLE, MOODLE_402_STABLE
Problem
Messaging and notification in the most common configurations are causing e-mails to be sent to users. These e-mails may contain personal data and should therefore be protected by encryption. But currently there is no way to have end-to-end encryption; transport encryption cannot be assured.
Requirements
gpg2 has to be installed on the server.
Possible solution
- In an additional user profile field, users can upload their public gpg key related to their main e-mail address.
- In a second additional user profile field, users can switch end-to-end encryption on or off.
- The uploaded public gpg key has to be imported to the public keyring or a private keyring on the server.
- Whenever the cronjob triggers an e-mail to be sent, it checks whether the user switched end-to-end encryption on and checks whether a proper public key for the receiving user is in the keyring.
- If end-to-end encryption is turned off by the user, the e-mail is sent unencrypted.
- Else if there is no proper public key, the user gets an unencrypted e-mail with an error message. The error has to be logged.
- Else if there is a proper public key in the keyring, the e-mail is encrypted with PGP/MIME before being sent. As the key will be untrusted, the flag "--always-trust" will be needed with gpg.
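The per-message decision from the list above, as an added example (not part of the original issue and not Moodle code). Because "--always-trust" skips gpg's trust check, it makes the "proper public key" test explicit: the key must be unexpired, unrevoked, not disabled, encryption-capable, and carry the recipient's exact address in a user ID. The function names, the mode names it prints and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example. Input on stdin: output of `gpg --with-colons --list-keys`.
# Typical call (KEYRING is a hypothetical path to the server-side keyring):
#   gpg --homedir "$KEYRING" --batch --with-colons --list-keys \
#       | delivery_mode "$optin" "$email"

# Constructed sample listing: one usable key (Alice), one expired key (Bob).
sample_listing() {
cat <<'EOF'
pub:-:255:22:AAAAAAAAAAAAAAAA:1700000000:::-:::scESC:
uid:-::::1700000000::HASH::Alice Example <alice@example.org>:
sub:-:255:18:BBBBBBBBBBBBBBBB:1700000000::::::e:
pub:e:255:22:CCCCCCCCCCCCCCCC:1500000000:1600000000::-:::sc:
uid:e::::1500000000::HASH::Bob Example <bob@example.org>:
EOF
}

# has_usable_key EMAIL: exit 0 if the listing holds a usable key for EMAIL.
has_usable_key() {
    awk -F: -v want="$1" '
        BEGIN { want = tolower(want); ok = 0 }
        $1 == "pub" {
            # Field 2 = validity: e expired, r revoked, d disabled, i invalid.
            # Field 12 = capabilities: uppercase E means the key as a whole
            # can encrypt, D marks a disabled key.
            usable = ($2 !~ /^[erdi]/ && $12 ~ /E/ && $12 !~ /D/)
        }
        $1 == "uid" && usable && $2 !~ /^[er]/ {
            # Field 10 = user ID; require the exact address inside <...>
            # so that a longer or shorter address does not match.
            if (index(tolower($10), "<" want ">") > 0) ok = 1
        }
        END { exit(ok ? 0 : 1) }
    '
}

# delivery_mode OPT_IN EMAIL: prints plain | plain-with-error | encrypted.
delivery_mode() {
    if [ "$1" != "1" ]; then
        echo plain               # user switched encryption off
    elif has_usable_key "$2"; then
        echo encrypted           # encrypt with PGP/MIME before sending
    else
        echo plain-with-error    # send unencrypted, add notice, log error
    fi
}
```
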
Solutions integrated in PHPMailer
- For PHPMailer there exists a PGP-Wrapper-class written by ravisorg 5 years ago.