GPG signed emails

(Steven) #1

My overly security conscious group is looking for the emails that are sent from discourse to be GPG signed by discourse. Not encrypted emails but signed. Over half of our group primarily interacts with discourse via email (they are old school mailing list people)

The admin would generate a private GPG key specifically for discourse, either by a online generator in discourse or uploading the key to the settings. The admin then could enabled the signing outgoing emails with the discourse private GPG key. These messages would not be encrypted but would have a validation signature appended to the bottom of the email.

I don’t know how many other groups would need or even want this feature.
I thought I would put it out there incase others would be interested.

(Benjamin Kampmann) #2

Sounds like something a plugin could provide. Depending on how much you care about it, you might want to make an offer to have this build in the marketplace. I don’t see much reason to add this to core, especially as you already said it is a rather small group of installations even wanting it in the first place.

(Kane York) #3

For implementors: You would want to redefine some methods in Email::Sender.