Customers would like WebAccess to be able to send digitally signed or encrypted email messages as the windows client can
by: Mike B. | over a year ago | WebAccess
Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.
Votes
44
Webaccess - Digitally Signed emails
by: Mike B. | over a year ago | WebAccess
Comments
Yes! Important.
especially we want to be able to compute .p7m signed mails. As .p7s is already fully functional ...
I get more and more customers with this error. So it is very important. And in my mind it is a bugfix not an idea.
Best Peter
Unconditional needed here!
Yes! Hurry Up!
This really isn't a viable solution.
Too many systems do not support PGP and the complexity with the customer setting up a public/private key relationship is confusing and complex at best.
The better solution would be a secure "vault" ( like Filr :)
Erich, I don't believe this is about PGP.
It's about providing the same functionality that is in the Windows client (S/MIME) in WebAccess. The Windows client supports certificate signing of emails and encryption (not PGP). I believe others want this functionality in WebAccess as well. I do, and my company does. I also want this ability in the Linux client since we avoid using Win OS.
Thanks Brent for the feedback, but it doesn't matter what encryption your using.
Most cloud email systems do not support any encryption. That means its no good for GMail, Yahoo, AOL, Hotmail. Why even bother if you can only use it for 3% of the email systems.
To compound it email should not be used to transfer files, SMTP is a terrible transfer protocol.
Invest your time and money in a 100% solution. You can still use email to send notifications, but the storage and transfer of the encrypted files should be outside the email system.
I think you still misunderstand something here. This isn't about sending files but signing and encrypting emails!
I also disagree with your opinion that it's only worth for 3% of the email systems. e.g. many of our customers are vehicle manufacturers and meanwhile they insist on encrypted email communication. So these 3% are much more important for us than GMail, Yahoo etc..
Besides like Brent mentioned "It's about providing the same functionality that is in the Windows client (S/MIME) in WebAccess."
btw i also relly need that feature!
I am sure you missunderstand the Problem. We also use SMime Certicates so out customers could trust our Mails, because they are signed. The Problem is, if the Mai is signed with an p7m Signature the GroupWise users could not read it in Webaccess or on there mobile phones. Tehy first has to open it with the fat Client, then they are able to read it with the Webaccess or mobile phone. So it is important for my GroupWise customers, because some of the CEO´s read 90% of there Mails with an mobile Client.
Best Peter
Apparently I have kicked a bee's nest and I apologize if i have offended anybody (it just my opinion). I understand the issue, its been around forever. How do we secure the message including attachments and validate the sender and yes S/Mime works for that.
There is also Sender Permitted Framework, DomainKeys, Bayes Score and a few others for sender verification.
S/Mime, PGP, Bitmessage and GnuPG actually encrypt the message content prior to message transfer.
And of course there is SMTP with TLS and DANE to secure the message transfer.
What I am saying is none of these solutions are 100% compatible or they are downright circumvent-able. We don't have the luxury of excluding the GMail, Yahoo, Hotmail and AOL.
We have therefor concluded email is not a viable solution for secure communication or data transfer and any solution would need to be done outside of email. This would include HIPPA, FERPPA and PCI compliance requirements.
If your business communicates with a subset of email accounts that can support S/Mime great, but what are you going to do when on of these groups moves to Google Apps or Office 365 or the next great cloud service?
BTW I voted this feature, I just had to make a comment about it, that I regret. :)
Erich, The great thing about the idea portal is we can have these kind of discussions in which everyone's opinion counts. An idea is not a solution to begin with, but the idea grows with the amount of input given.
For secure file transfer I'm also for a Filr integration in my email system, to be able to 'auto share' a file with someone I send the message to. For inbound attachments I would like to see Filr 'Drop Folders' for which I created an idea @ https://www1.v1ideas.com/MFI/novell-filr/Idea/Detail/1414
Maybe for really secure messages we not only should leverage Filr as a file-vault, but also have a message-fault (which could be in GroupWise or in Filr - well, a message is still a file) which allows the recipient to get access to the message content that way.
I'm afraid this is an interesting, yet hypothetical discussion. Webmail vs. encryption is a long standing issue that's in reality close to impossible to solve, as it contradicts each other. Even with a fat email client, the necessary certificates are stored *per machine*, locally. For a good reason. Now how do you do this with a web client whose only line of defense in normal cases is a username password, and which can be accessed from anywhere?
There are some attempts of a solution, like Microsoft who adds a local component to OWA, which of course then turns OWA into a fixed client that only works from that one machine again. Then there are certain plugins for certain browsers for certain OS' for e.g Domino, which is a usability and compatibility nightmare, thus unuseable.
IMHO, for the time being, we have to acccept that webmail and S/Mime at least are more or less mutually exclusive, and I also think that the effort to implement something that by design must either be half-baked, insecure, or unuseable is not worth it. Webmail is on a steep decline, many of my customers have by now switche doff webaccess, and only use mobile clients.
I *do* agree though, that we need S/Mime support for mobile clients. But that also depends a lot on the individual mobile device again, unfortunately.
I am still not sure if this discussion is right in this tread. My customers do NOT have Problem with encrypted Mails, The Mails are decrypted. They have Problem with just signed Mails. That if the Signature has the .p7m Format, Webaccess an GMS are not able to show this Mails before you opened it in the FAT Client. That is my Mayor Point. For Mail en- and decryption we have perfekt Gateway Solutions and it is not necessary to place this into GroupWise.
We have customers where we use only encrypted mails for several reasons. As long as I am in my office no prob, cause GW-client can handle that. But often we are not in the office but somewhere else on a fair etc. Webaccess is partially not usable if I can't read encrypted mails from our customers.
So please enable that feature asap. Enhancement request is more than a year old.
Please re-read my comment two above yours. YOu're waiting for something almost impossible (at least not without breaking security), so instead I suggest you look for a different solution, like enabling caching mode access of a full client.