Hi,
I just stumble upon your project. It looks really nice, by far one of the best interfaces in open source webmails.
Do you plan to add support for GPG encryption? Roundcube has a GPG plugin that works quite well. MailPile is planning to integrate GPG from the ground up (in its architecture).
In these times where our privacy is endangered by mass surveillance, this would be very nice :)
Just my 2 cents!
Regards,
Yeah, I'm interested in this functionality.
However, I still do not understand where the users to store their private and public keys?
They will not trust web application.
Yep, that's actually the biggest problem. There's a draft from the W3C (WebCrypto: http://www.w3.org/TR/WebCryptoAPI/) That should help in the future. For now, I've seen that the roundcube plugin for GPG uses a library named openpgpjs.
It stores the keys in the localstore. This is a nice idea, but I don't know how it does to be secure enough.
Maybe interesting to investigate though :)
As for MailPile, they are now only focused on desktop usage, therefore, the keys are stored in the OS keyring.
Maybe you will find some insperation in this project:
https://github.com/toberndo/mailvelope
@RainLoop I see you've started to work on it: thanks a lot!
Can't wait to use it :)
Note!
Complete functional is not ready.

Thanks!
I will test that soon and give you a feedback.
That seems really promising! Will see if I can set up a beta installation of rainloop to test it :)
This looks very promising! I'm running master on a test server, so let me know if I can test something or other.
Please, try latest version of the RainLoop Webmail with OpenPGP.
Thanks for implementing this feature. I'm experiencing a problem however, the generated keys will disappear suddenly, happened twice so far; couldn't find anything in the logs; happy to provide any info as requested.
OpenPGP keys are stored in the browser local storage.
Did you use one browser in both cases?
ah, I see. I went back to the original browser and found them. Sorry.
This makes for a usability issue managing private keys when using multiple computers; that is outside the scope of this product though.
Thanks.
Thanks for the awesome product.
Can we store the OpenPGP keys in the server side instead of browser local storage ? In that case , I can use the keys regardless of browser I use as well as on-the-go mobile device , wherever I'm .
Since the key stored at server (web host) , I feel that's safe and secure , access is limited. I thought of sessions Vs Cookies. Correct me if I'm wrong.Browser cache can be accessed by one who , right?
@kesavanm It's common good practice not to give your private key to anyone, even what would be a "secure" web host. This key is the only one that proves that's really you. So you should try hard to limit its exposure.
This is the general problem encountered with PGP, keys storage is the least convenient thing in PGP (IMHO).
storing public keys in the contacts would be a more logical place for these. It's also quite safe to store public keys server-side.