tracker issue : CF-4203845

select a category, or use search below
(searches all categories and all time range)
Title:

CFMAIL encryption without .p7c file

| View in Tracker

Status/Resolution/Reason: Open//

Reporter/Name(from Bugbase): Jack Drysdale Jr / ()

Created: 12/27/2018

Components: ColdFusion Services

Versions: 11.0

Failure Type: Others

Found In Build/Fixed In Build: /

Priority/Frequency: Normal /

Locale/System: / Platforms All

Vote Count: 1

It's my understanding that when an email client (like Outlook, or Thunderbird) sends an encrypted email, the client reaches out to a PKI to get the recipient's public key which it then uses to encrypt the message.  The receiving email client then uses the recipient's private key to decrypt the message. 

I can see how the way it currently is set up, CFMAIL can use a local copy of the public key.  But that means that 1) the developer has to first GET a copy of the public key and store it locally, and 2) if that key ever changes, the developer then has to get the new public key to keep things working smoothly.

Is it possible to set CFMAIL so that it can reach out to a PKI to get a user's public key for sending encrypted email?

Attachments:

Comments: