Support » Plugin: WP PGP Encrypted Emails » “feature request”?

  • Resolved alexhell

    (@alexhell)


    Hi M.,

    sorry for the former wrong addressed message.

    ##############################

    I am using wp pgp encrypted email plugin.

    It works nice, thank you for your efforts.

    At the moment I got so much requests, that I decided to move from plain
    emails form to a ticket system like

    https://de.wordpress.org/plugins/wp-support-centre/

    https://de.wordpress.org/plugins/catchers-helpdesk/

    They provide email piping, which is very comfortable for the questioner. But
    a big drawback of such a ticket system is, that the email correspondence is
    mostly not encrypted (your plugin encrypt just the emails from the system to
    me).

    How much effort it would be to encrypt the communication to the system and
    to other outgoing people (if they provide a public key)?

    I now that RT or OSTR provide such a feature. But they are for my case too
    bloated.

    Best,
    A.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author Meitar

    (@meitar)

    This plugin encrypts *all* outgoing email from WordPress to any recipient with a public key in their user profile, so your question indicates either a bug in this plugin (unlikely if it’s still working for you when you receive emails), that the other plugins you mentioned do not use WordPress’s built-in wp_mail features (also unlikely, but more possible and easily discoverable by checking the other plugin’s documentation and/or source code), or I don’t understand the question (highly likely).

    Are you asking if emails you receive from others can be decrypted by the plugin? (The answer is no; use an email client instead.)

    alexhell

    (@alexhell)

    Are you asking if emails you receive from others can be decrypted by the plugin? (The answer is no; use an email client instead.)

    This is the point. I want to move away from email client and using a ticket system.

    I would prefer to use one of the suggested WP plugin instead of running an extra ticket system.

    The ticket systems for WP are light and offer a web interface for people, who don’t have pgp. So they can communitcate secured via https.

    How much effort it would be to add the decryption feature and “searching public key from key server” feature?

    Thanks for your time,
    A.

    Plugin Author Meitar

    (@meitar)

    I still don’t understand what you are trying to do. Emails sent from your WP-powered ticketing system should *already* be encryptable; you will receive encrypted emails. So should your users, as long as they supply WordPress with their PGP public key in their WordPress profile. Since it’s a Web-based ticket system, using HTTPS will mean no machine in the middle will eavesdrop on tickets being added to the system.

    You sound like you want people to be able to submit tickets via email, and encrypt those *incoming* emails, too, then decrypt those emails when they are received by the ticketing system *in WordPress*. That’s, bluntly, a bad design idea and not one I will implement. Use an email client. Use HTTPS in the browser. This already exists. No new features need to be added to do this.

    alexhell

    (@alexhell)

    You sound like you want people to be able to submit tickets via email

    Yes, as I wrote “email piping”.

    Unfortunately an email client provide not the same feature, what a ticket system offers AND I don’t want to force my clients to use the ticket system via browser.

    I don’t know, why you think, it is a bad design idea.

    Plugin Author Meitar

    (@meitar)

    Ah, I understand now. But no, I won’t do that. Your request requires the server to maintain a private key part, which is a high-value target. It changes the security implications of the plugin’s use case dramatically and isn’t something I feel comfortable to or interested in developing or maintaining. It’s also by design less secure for most use cases I can imagine, and alternatives already exist for the other use cases. It’s not something I will do myself or merge into this plugin. Sorry.

    alexhell

    (@alexhell)

    Dear Meitar,

    no problem. I was just trying to find the best solution. If you would find out, that this is easy to implement, I would go this way. If you suggest me to take an existing alternative, then I will follow this advice.

    Thank you for your plugin and this additional time.

    Best,
    A.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘“feature request”?’ is closed to new replies.