Wednesday, 25 February 2015

most widely applicable email encryption technology



A private web application needs to send and receive encrypted emails with perhaps a few dozen known users. This is a Java / Spring MVC app running on a CentOS 7 server, and using JavaMail to connect to dovecot/postfix, etc. Can someone please provide a concise synopsis of which technologies should be used to create keys that can enable remote senders to use a variety of different email clients to send encrypted emails that can be decrypted by the app running on this private server?


Background:

Currently, the app is able to receive GPG-encrypted email that is sent by Thunderbird users who imported an .asc file public key into their Thunderbird accounts. The public/private keypair was created on CentOS 7 using GnuPG. I have read that GPG and PGP are compatible. But I am finding that MS Outlook will not accept the .asc file. My reading indicates that Outlook uses a form of encryption called S/MIME, and that Outlook also has other additional requirements.


I would prefer to avoid having separate keys for users of different email clients.


This is a web application, so all the code to encrypt, send, receive, decrypt will be written in Java, perhaps calling command line tools, or perhaps using libraries like BouncyCastle.


Is there a single technology and tool that can be used to generate keys and other credentials that can be used by the vast majority of email clients? Perhaps with different parameters you can use at the command line to create different wrappers for the key so that the key can be absorbed and used by different email clients?


Ideally, I would like to be able to just use the gpg command in my CentOS 7 terminal to create public key files that can successfully be employed by users of Outlook and other email software in addition to just Thunderbird.


Finally, I am new to encryption. I am looking for a canonical answer, so that people reading this can have all the keywords and concepts needed to frame meaningful research on the topic.




