On Wed, 2022-02-09 at 17:10 +0100, Robert.Wiegand--- via Users wrote:
I got a request to make incoming public PGP keys trusted.
The idea is to make a register mail address where a person can send
his pub key and we remove it from the mail and add it to the gateway.
That's fine and working.
Now the tricky part:
We want the user to verify the key via a second way with the key ID.
The second way wrote the pub key ID in a database and from their the
verify process should start and check if the key with that ID exists
and if so it should be trusted.
Now two questions:
1. How can we set the key trusted via cli or something like that?
At the moment the CLI tool does not support this. But it should not be
hard to add this functionality I think.
2. Is it possible to add a header or subject extension
after a lookup
in the database to get a value from their which should be added to
subject or as header?
I'm not certain I understand the work-flow you want to implement.
How should the external user validate the key? With an email challenge?
Or with some other procedure?
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger