schleuder issues: https://0xacab.org/schleuder/schleuder/-/issues (feed updated 2021-06-06T14:48:16Z)

#389 Introduce tokens
https://0xacab.org/schleuder/schleuder/-/issues/389
Updated 2021-06-06T14:48:16Z, author: paz

We need tokens to verify control over email addresses (see #388).

They should

* be tied to an email-address (or account?),
* be hard to guess,
* have a lifetime,
* have a date (in order to prevent too many repeated requests per time slot).

Open questions:

* Do we need a keyword to request tokens?
* Do we need the possibility to generate tokens for email addresses that are not subscribed at all? (Could make sense if we would also provide the option to upload a key to an account, so admins can "pluck" a key from the account if they subscribed the email address.)

Milestone: Next Big Thing. Assignee: paz.

#388 API: Provide endpoint(s) to request password-token
https://0xacab.org/schleuder/schleuder/-/issues/388
Updated 2021-06-06T14:48:09Z, author: paz

HTTP-Clients (schleuder-cli, schleuder-web) must be able to request a token for setting a new password. The API must provide an endpoint to do that.
The workflow shall be this:

1. A person that wants an account enters their email-address in a form and clicks a button.
2. The web-interface sends the request unauthenticated (because there's no account yet) to the API.
3. The API uses the sent email-address to look up a subscription with a usable key.
4. *If* it finds a key, it generates a token (or a link?) and sends that in an encrypted email to the email-address. It returns a positive response to the web interface.
4. *If* it doesn't find a subscription for the email-address at all it returns an error to the web interface.
5. *If* it finds a subscription but none with a usable key it returns a different error to the web interface (so the web interface can display a helpful message).
5. The person receives and decrypts the email, copies the token into the web interface (or clicks the link).
6. The web interface validates the token at the API.
7. *If* that is successful, it presents the person a form to enter and save a new password.
7. *Or* should the person receive a second email, which contains the new password as it was set by schleuder?

* The tokens should be valid only for a given time span (15 minutes?).
* Admins must be able to request a token for a different email-address than their own. List-admins must only be allowed to request a token for email-addresses that are subscribed to one of their admin-lists.
* Should admins receive the token (or link) via HTTP instead of via encrypted email? The request from the web interface to the API is authenticated with their admin-credentials, thus we don't need the proof that they can decrypt a message.
* How to protect against SPAM/DOS-attacks through repeated requests for new tokens against the API? We can't authenticate those requests because there's no account yet.

Milestone: Next Big Thing. Assignee: paz.

#353 Send whole Keyring at once (worked in schleuder2)
https://0xacab.org/schleuder/schleuder/-/issues/353
Updated 2020-11-12T16:28:16Z, author: init void

Feedback from one of our users:
> In the previous Schleuder version it was possible to have the entire keyring of an encrypted mailing list sent to you with the command `X-GET-KEY: . `.
> Unfortunately that no longer works. Is there a new command for this?

The described behavior sounds more like a "hack" than like an intended feature to me. Yet it might be a useful option to export all keys in one go.

Just leaving this here so the user's input is not lost.

Milestone: Future. Assignee: paz.

#329 feature request: allow schleuder to send a welcome message to new subscribers with the list public key attached
https://0xacab.org/schleuder/schleuder/-/issues/329
Updated 2020-01-05T13:09:06Z, author: fleish

This idea came up in testing a use case where the list public key wouldn't necessarily be uploaded to the key server. While sending email to listname-sendkey@listhost.domain.com works fine, for less technical users it would be useful to preempt the need for this step and just have them receive a copy of the public key along with a brief message about the list and maybe even how to interact with the list via email commands. Maybe even an option to include a blurb about the web interface, since not all deployments may have that available. I'm thinking something along the lines of how mailman mailing lists send welcome messages to new subscribers, but also tailored to make getting started with schleuder easier for the masses who may be less technically inclined.

#328 Show name if no email is present in UID and proposal for new "oneline" output format
https://0xacab.org/schleuder/schleuder/-/issues/328
Updated 2020-01-02T22:02:43Z, author: paz

In #227 we chose a "oneline" format to represent a key in a single line. Apparently not including an email address is more common than expected.
It doesn't produce an actual error if the email is missing from the description, but it creates confusion (see e.g. #325).

Thus I suggest to include the "name"-part of the UID if no "email" is present.

Milestone: Next Big Thing.

#284 Throttle concurrent Schleuder-processes
https://0xacab.org/schleuder/schleuder/-/issues/284
Updated 2020-01-05T13:16:46Z, author: paz

We should throttle the number of parallel Schleuder-processes in order to avoid having processes killed due to memory-shortage when a lot of emails are being delivered at once.

With this we would not need an incoming queue anymore (#75).

#278 Introduce and ship apparmor profile
https://0xacab.org/schleuder/schleuder/-/issues/278
Updated 2020-01-02T23:33:05Z, author: georg

Currently this does get evaluated, but it seems Debian will enable apparmor by default in the next release, buster. We should ship a profile to make use of that and strengthen the security of the overall system.

Milestone: Next Big Thing. Assignee: georg.

#200 config option: Post delete hook
https://0xacab.org/schleuder/schleuder/-/issues/200
Updated 2018-05-21T15:46:54Z, author: georg

e.g. to wipe the list dir

#199 Allow deletion of keys only when no subscription uses them
https://0xacab.org/schleuder/schleuder/-/issues/199
Updated 2017-05-16T12:53:40Z, author: georg

#196 Show warning if weak key is used / extend trust_issues
https://0xacab.org/schleuder/schleuder/-/issues/196
Updated 2020-01-04T12:23:01Z, author: georg

Milestone: Future.

#170 [configuration] encrypt-only always on when resending to this list of emails
https://0xacab.org/schleuder/schleuder/-/issues/170
Updated 2017-07-29T10:52:49Z, author: emmapeel

I would like to have the possibility of maintaining a list of email addresses (that are external to the list, but that we mail a lot) so we **never, ever** send them email unencrypted.
Especially useful when you get used to X-RESEND and then the key of the external recipient expires.

#151 Implement subkey rollover
https://0xacab.org/schleuder/schleuder/-/issues/151
Updated 2020-01-04T12:24:22Z, author: georg

To not lose track of this, because I really like the idea, see [this](https://0xacab.org/schleuder/schleuder/issues/96#note_34766) comment by @dkg:

> I'd put aside the question of expiration dates for primary keys, and instead focus on expiration dates for the encryption-capable subkeys.
> schleuder can do automated subkey rollover, and can destroy the expired subkeys, which makes it so that a compromise of the schleuder instance at time T is only capable of decrypting copies of mails sent since the last rollover.
> If schleuder always included its latest key in every e-mail, and had an automated/scheduled rollover practice, then things could work pretty much automatically, and you'd get this nice "forward-secrecy"ish property.

Milestone: Future.

#144 Allow list-configuration via keyword
https://0xacab.org/schleuder/schleuder/-/issues/144
Updated 2020-01-02T23:59:26Z, author: paz

Some people would like to configure lists via keywords. We should consider how that might work.

#96 Set expiration date for list keys
https://0xacab.org/schleuder/schleuder/-/issues/96
Updated 2020-01-04T12:23:21Z, author: paz

I personally always set an expiration date for PGP-Keys to make sure that in case one loses access to modify the key, the problem will not stay forever.
Schleuder3 currently creates list keys with no expiration date set.

What do you think about setting an expiry date by default, e.g. 2 years after creation?

Milestone: Future.

#56 Option to fetch key for admin from keyserver when creating list
https://0xacab.org/schleuder/schleuder/-/issues/56
Updated 2023-12-29T16:40:18Z, author: paz

Alternatively to a file-path it should be possible to specify a fingerprint which is used to fetch the key from a keyserver.

Milestone: Future.

#48 If resending fails don't send message over list.
https://0xacab.org/schleuder/schleuder/-/issues/48
Updated 2020-05-14T12:54:28Z, author: paz

In case the resending failed (e.g. encrypted_only and no key), don't send the message to subscribers but reply to the sender to spare everyone a useless message.

If there are multiple resend-requests we should only abort if the first one fails. After sending out the message to the first resend-recipient it is "out there" and we should send the message also over the list.

Milestone: Future.
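Returning to issues #389 and #388 above: the following Ruby example is added here to illustrate the token workflow those two issues describe (steps 3 to 6 and the four properties listed in #389) and is not Schleuder's own code. Everything in it is an assumption made for the example: the `EmailTokenService` class, the `Subscription` struct standing in for a database lookup, the in-memory store, and the limit of 3 requests per address per hour. Only the 15-minute lifetime is taken from #388.

```ruby
require 'securerandom'
require 'digest'

# Added example, not Schleuder's own code. Models the token workflow from
# issues #389 and #388: a token is bound to an email address, unguessable,
# short-lived, single-use, and issuance is rate-limited per address.

# Constructed stand-in for the subscription lookup (a real deployment would
# query the list database). key_usable models "a subscription with a usable
# key" from step 3 of #388.
Subscription = Struct.new(:email, :fingerprint, :key_usable)

class EmailTokenService
  TOKEN_BYTES = 32              # 256 bits of entropy: not guessable
  LIFETIME = 15 * 60            # 15 minutes, as proposed in #388
  MAX_REQUESTS_PER_SLOT = 3     # assumed rate limit per address
  SLOT = 60 * 60                # assumed rate-limit window in seconds

  Record = Struct.new(:digest, :expires_at)

  # subscriptions: Array<Subscription>; clock: callable returning a Time
  # (injectable so expiry and rate limiting can be exercised offline).
  def initialize(subscriptions, clock: -> { Time.now })
    @subscriptions = subscriptions
    @clock = clock
    @records = {}                            # email => Record (latest only)
    @issued = Hash.new { |h, k| h[k] = [] }  # email => issue timestamps
  end

  # Steps 3 to 5 of #388. Returns [status, token]; token is non-nil only for
  # :sent and is what would go into the encrypted mail. Only a digest of it
  # is stored, so a leaked database does not yield usable tokens.
  def request(email)
    email = normalize(email)
    subs = @subscriptions.select { |s| normalize(s.email) == email }
    return [:not_subscribed, nil] if subs.empty?
    return [:no_usable_key, nil] unless subs.any?(&:key_usable)

    now = @clock.call
    window = @issued[email]
    window.reject! { |t| t < now - SLOT }     # drop timestamps outside the slot
    return [:rate_limited, nil] if window.size >= MAX_REQUESTS_PER_SLOT
    window << now

    token = SecureRandom.urlsafe_base64(TOKEN_BYTES)
    @records[email] = Record.new(digest(token), now + LIFETIME)
    [:sent, token]
  end

  # Step 6 of #388: validate a presented token for an address. A successful
  # validation deletes the record (single use); expired tokens are rejected
  # and purged. With 256-bit tokens, online guessing is not a practical
  # concern, so no attempt counter is kept here.
  def validate(email, presented)
    email = normalize(email)
    record = @records[email]
    return false unless record
    if @clock.call > record.expires_at
      @records.delete(email)
      return false
    end
    return false unless constant_time_equal?(record.digest, digest(presented.to_s))
    @records.delete(email)
    true
  end

  private

  def normalize(email)
    email.strip.downcase
  end

  def digest(token)
    Digest::SHA256.hexdigest(token)
  end

  # Both inputs are fixed-length hex digests, so the comparison runs in the
  # same time regardless of where (or whether) they differ.
  def constant_time_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end
```

Two points worth noting against the open questions in #388. First, the store and the rate-limit ledger here live in memory, so the limit resets on restart; a deployment would persist the digests and timestamps in the list database. Second, returning distinct `:not_subscribed` and `:no_usable_key` statuses to an unauthenticated caller lets anyone probe which addresses are subscribed to a list; if that matters, collapse both into one generic response for unauthenticated requests and reserve the distinction for admin-authenticated requests, which #388 already treats as a separate case.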