Roundup Tracker - Issues

Issue 2551152

classification
Document how to set up and use PGP encrypted emails.
Type: rfe Severity: normal
Components: Documentation Versions:
process
Status: new
Nosy List: ThomasAH, rouilj
Priority:

Created on 2021-08-15 04:02 by rouilj, last changed 2021-08-16 10:14 by ThomasAH.

Messages
msg7317 Author: [hidden] (rouilj) Date: 2021-08-15 04:02
The user manual and admin manual are missing directions on how to 
deploy/use PGP encrypted emails.

The user manual should include how to set the public key. Setup
on the client side to PGP sign the email should not be included.

Admin manual should discuss settings and what needs to be set up
in the config.ini file to sign/encrypt emails.

From what I just scanned it looks like the key needs to be on the 
filesystem??? I would expect pgp pub keys to be uploadable via the
web interface.
msg7318 Author: [hidden] (ThomasAH) Date: 2021-08-16 10:14
Yes, the system account running roundup needs to have the keys available in
the default keyring, so you need to use "gpg --import" to import keys of
users, and you need to generate a secret key for the tracker on the command
line, too.

Allowing key updates via the web interface would need very good verification
so that keys only contain email addresses that are valid for this user.

And if a key (or encryption subkey) expires, you can't add new messages to
issues where the corresponding user is in the nosy list, so I have created
https://hg.intevation.de/adminton/file/default/shebang/gpg-keyring-check-expire
to check for keys that will expire in the near future.
I run this once per week via crontab.
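
An added example, not part of the thread and not the script linked above: a minimal Python check for the expiry problem described in msg7318, reporting primary keys and encryption subkeys in the default keyring that expire soon. The function name, the 30-day window and the sample keyring listing are assumptions made for illustration.

```python
import subprocess, sys, time

# Constructed sample of `gpg --list-keys --with-colons` output (not real keys).
SAMPLE = """\
pub:u:4096:1:AAAAAAAAAAAAAAA1:1600000000:::u:::scESC:
uid:u::::1600000000::CONSTRUCTED::Alice <alice@example.org>:
sub:u:4096:1:AAAAAAAAAAAAAAA2:1600000000:1700000000:::::e:
pub:u:4096:1:BBBBBBBBBBBBBBB1:1600000000:1701000000::u:::scESC:
uid:u::::1600000000::CONSTRUCTED::Bob <bob@example.org>:
sub:u:4096:1:BBBBBBBBBBBBBBB2:1600000000:1700000000:::::s:
sub:u:4096:1:BBBBBBBBBBBBBBB3:1600000000::::::e:
"""

def expiring(colons, now, days=30):
    """Return (uid, keyid, record, days_left) for every primary key and
    encryption-capable subkey that expires before now + days (keys that
    have already expired are included, with a negative days_left)."""
    limit = now + days * 86400
    blocks = []                               # one entry per primary key
    for line in colons.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            blocks.append({"uid": "?", "hits": []})
        if not blocks:
            continue
        if f[0] == "uid" and len(f) > 9 and blocks[-1]["uid"] == "?":
            blocks[-1]["uid"] = f[9]          # first user ID of this key
        elif f[0] in ("pub", "sub") and len(f) > 11:
            if f[1] == "r":                   # revoked: not usable anyway
                continue
            if f[0] == "sub" and "e" not in f[11]:
                continue                      # only encryption subkeys matter
            # Field 7 is the expiry in epoch seconds; empty means no expiry.
            if f[6].isdigit() and int(f[6]) <= limit:
                left = (int(f[6]) - now) // 86400
                blocks[-1]["hits"].append((f[4], f[0], left))
    return [(b["uid"], *hit) for b in blocks for hit in b["hits"]]

if __name__ == "__main__":
    # Run as the account that runs Roundup so its default keyring is read.
    out = subprocess.run(["gpg", "--batch", "--list-keys", "--with-colons"],
                         capture_output=True, text=True, check=True).stdout
    hits = expiring(out, int(time.time()))
    for uid, keyid, record, left in hits:
        print(f"{record} {keyid} {uid}: expires in {left} days")
    sys.exit(1 if hits else 0)
```

Run from cron, the script prints one line per affected key and exits non-zero when anything is found, so a signing-only subkey that expires is ignored while an expiring encryption subkey under a non-expiring primary key is still reported.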
History
Date User Action Args
2021-08-16 10:14:35 ThomasAH set nosy: + ThomasAH, messages: + msg7318
2021-08-15 04:02:31 rouilj create