This sounds like cool work, but I agree with the assertions in the RFEs to which you refer that DKIM is actually the most useful for enterprise users.
I like FireGPG and the like for precisely the same reasons that you don't. As a security professional, I'm paranoid about the security of my GPG key, keeping it on an encrypted removable device, etc. I consider *loose* integration with the mail client to be a feature. I only sign/encrypt stuff that really needs to be signed/encrypted. I don't enter my GPG passphrase lightly. Most of the time, I disconnect from the Internet before doing so.
But that's me. For most users, their password (or other credential(s) necessary for accessing the Zimbra system) is the weakest, and often the only, link. If you succeed in creating an easy-to-use server-based system that makes using GPG or S/MIME as easy as entering your single sign-on credentials, then it's not clear to me what you've gained. In an intranet environment secured by firewalls, SSL, VPN, etc., there is less need for end-to-end GPG or S/MIME encryption of individual emails. The threat to the less paranoid is neither interception nor repudiation, but simple in-the-clear spoofing. I believe that automatic DKIM signing is a better solution to that problem.
The Zimbra server would need to ensure that ZWC, Outlook, and SMTP-Authed mail is all properly DKIM signed; there would need to be an admin UI to specify what domains *must* be DKIM signed (or possibly trust assertions in the DNS, but as anyone who has worked with SPF knows, many such assertions will be bogus -- even fairly major ISPs forget to update SPF records when they add servers); and the various clients would need a UI to alert users whenever unsigned mail is received.
Last edited by Rich Graves : 06-09-2007 at 09:38 AM.
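The receive-side policy described in the post above (a list of domains that must be DKIM signed, and an alert when mail from one of them arrives without a valid signature), as an added Python example that is not part of the original post or of Zimbra's code. It assumes the server verifies DKIM and records the result in an Authentication-Results header; the `MUST_SIGN` list, the `mx.example.com` authserv-id and the sample messages are constructed, and domains are matched exactly.

```python
import re
from email import message_from_string
from email.utils import parseaddr

MUST_SIGN = {"example.com"}            # assumed admin-configured domain list
TRUSTED_AUTHSERV = "mx.example.com"    # assumed authserv-id of our own verifier

def dkim_pass_domains(msg):
    """d= domains reported as dkim=pass by our own server's Authentication-Results."""
    passed = set()
    for value in msg.get_all("Authentication-Results", []):
        # Unfold the header, then split the authserv-id from the result clauses.
        authserv, _, results = " ".join(str(value).split()).partition(";")
        if not authserv.split() or authserv.split()[0].lower() != TRUSTED_AUTHSERV:
            continue  # header written by some other host: ignore it
        for clause in results.split(";"):
            if re.match(r"\s*dkim\s*=\s*pass\b", clause, re.I):
                m = re.search(r"\bheader\.d\s*=\s*([A-Za-z0-9.-]+)", clause)
                if m:
                    passed.add(m.group(1).lower())
    return passed

def classify(raw):
    """Return 'ok', 'alert' (must-sign domain, no valid signature) or 'no-policy'."""
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain not in MUST_SIGN:
        return "no-policy"
    return "ok" if domain in dkim_pass_domains(msg) else "alert"

# Constructed sample messages
SIGNED = ("Authentication-Results: mx.example.com;\n"
          " dkim=pass header.d=example.com header.s=sel1\n"
          "From: Alice <alice@example.com>\nSubject: hi\n\nbody\n")
UNSIGNED = "From: Alice <alice@example.com>\nSubject: hi\n\nbody\n"
UNTRUSTED_AR = ("Authentication-Results: mx.other.invalid; dkim=pass header.d=example.com\n"
                "From: Alice <alice@example.com>\nSubject: hi\n\nbody\n")
OTHER = "From: Bob <bob@example.org>\nSubject: hi\n\nbody\n"

if __name__ == "__main__":
    for name, raw in [("signed", SIGNED), ("unsigned", UNSIGNED),
                      ("untrusted-ar", UNTRUSTED_AR), ("other", OTHER)]:
        print(name, classify(raw))
```

The check is only as trustworthy as the header it reads: the receiving server has to strip any inbound Authentication-Results header that already carries its own authserv-id before adding the real one.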