From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 plugins/enigma/README |   32 ++++++++++----------------------
 1 files changed, 10 insertions(+), 22 deletions(-)

diff --git a/plugins/enigma/README b/plugins/enigma/README
index 33e975a..ac20b79 100644
--- a/plugins/enigma/README
+++ b/plugins/enigma/README
@@ -1,5 +1,6 @@
----------------------------------------------------------------------------
-This plugin adds support for viewing and sending of signed and/or encrypted
+Enigma Plugin for Roundcube
+
+This plugin adds support for viewing and sending of signed and encrypted
 messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format.
 
 The plugin uses gpg binary on the server and stores all keys
@@ -7,52 +8,39 @@
 Encryption/decryption is done server-side. So, this plugin
 is for users that trust the server.
 
-WARNING! The plugin is in very early state. See below for a list
-of missing features and known bugs/limitations.
----------------------------------------------------------------------------
-
-WARNING: Don't use with gnupg-2.x!
 
 Implemented features:
-
+---------------------
 + PGP: signatures verification
 + PGP: messages decryption
 + PGP: Sending of encrypted/signed messages
-+ PGP: keys management UI (keys import and delete)
++ PGP: keys management UI (key import, export, delete)
++ PGP: key generation (client- or server-side)
 + Handling of PGP keys attached to incoming messages
++ User preferences to disable plugin features
 
-TODO (must have):
 
-- Make working with gnupg-2.x
-- Keys export to file
-- Disable Reply/Forward options when viewing encrypted messages
-  until they are decrypted successfully
-- Handling of replying/forwarding of encrypted/signed messages
-- Client-side keys generation (with OpenPGP.js?)
-
-TODO (later):
-
+TODO:
+-------------
 - Handling of big messages with temp files
-- Server-side keys generation (warning: no-entropy issue, max_execution_time issue)
 - Key info in contact details page (optional)
 - Extended key management:
    - disable,
    - revoke,
    - change expiration date, change passphrase, add photo,
    - manage user IDs
+   - export private keys
 - Generate revocation certs
 - Search filter to see invalid/expired keys
 - Key server(s) support (search, import, upload, refresh)
 - Attaching public keys to email
 - Mark keys as trusted/untrasted, display appropriate message in verify/decrypt status
-- User-preferences to disable signature verification, decrypting, encrypting or all enigma features
 - Change attachment icon on messages list for encrypted messages (like vcard_attachment plugin does)
 - Support for multi-server installations (store keys in sql database?)
 - Per-Identity settings (including keys/certs)
 - Performance improvements:
    - cache decrypted message key id so we can skip decryption if we have no password in session
    - cache (last or successful only?) sig verification status to not verify on every msg preview (optional)
-
 - S/MIME: Certs generation
 - S/MIME: Certs management
 - S/MIME: signed messages verification

--
Gitblit v1.9.1