Webmail script with smime support - encryption

Have anyone know anything of any webmail script which provide s/mime support? I'm using roundcube but it doesn't provide it yet.

If you want to send encrypted and/or signed messages using S/MIME format you may give a try to Fossa.me. It is not a standalone solution, but an extension to Google Chrome browser. Also, you will need to have a GMail account. However, runs in a browser like a script.
Disclaimer: I am developer of that extension and PKI services used by it.

Related

Front-End Mail Client on wordpress?Possible?

I have a wish to somehow create on front-end a page with webmail client, to access up to 20+ email accounts, also send/recieve emails, etc. Like Thunderbird, or any other email client but on web. I didn't found any plugin for this purpose and maybe you have some ideas how to do that? Thanks!
this might be extremely hard if you wish to build from scratch. My best guess is that you need to find an open-source email client and integrate it within the WP framework. But that also will be hard to do, finding an open-source email client will save a ton and tons of time to build a strong email client but you're going to have to customize its structure to make compatible with WordPress environment, like database calls, authentication and more.
Still, you can always build a simple email client that checks the client email server grab his emails, and send an email if they want to, this is possible using the POP, SMTP PHP functionalities that allows you to talk to the email server.
Thanks

Does google native client support sys/socket.h

I am aware that google native client uses pp::TCPSocket. does they also supports sys/socket.h.
I dont want to change the complete implemantation for socket. Hence want to clarify the things.
Yes, you can use sys/socket.h via the nacl_io library. See https://developer.chrome.com/native-client/devguide/coding/nacl_io.
Take a look at the examples/demo/nacl_io example in the sdk, it has a basic example of using connect/send/recv.
Note that TCP/UDP sockets are only available to Chrome Apps installed from the Chrome Web Store.
See https://developer.chrome.com/apps/app_network for information about using sockets within a Chrome App. This document explains how to use the JavaScript socket API. In Native Client, you'll use the BSD socket API, but you still need to specify the correct permissions in your App's manifest file.

Distribute Qt symbian app other than in OVI store

I have a Express signed Symbian app, developed in Qt. I don't want to publish it in Nokia OVI store. I want to distribute the app to some particular people only. What should I do?
I think uploading the SIS file in my website and provide a link to download the app is not a feasible solution in my case.
Can I just mail the SIS file to those set of people? Or is there anything like "Targeted Distribution" (like in the case of Windows Phone) for Qt apps?
Ok i correct my previous statement about unusability of email distribution. I based that assumption on the path i had to take for enabling a limited distribution some time ago (that is, a web download). Have a look at the following URL
http://my-symbian.com/s60/faq/showquestion.php?faq=4&fldAuto=13
If your target user has Nokia PC Suite, you can deliver the file to him in any way, but he needs to know how to install SISX with the Suite.
IR/Bluetooth probably doesn't apply, you want to do distribution not point-to-point.
"Physical" distribution over MMC is perhaps too cumbersome for you
If your target user has email reading set up on his phone, you indeed can send him an email with SISX in attachment. This means real Symbian native email agent not "reading webmail over browser" - you would lose a crucial MIME type of the attachment that way. See below.
The widest applicable method, webpage OTA. If you need to restrict the access, you can always set up HTTP authentication on that webpage and let your target users know the name and password. However there is one crucial step for this to work: you need to override the MIME type of SISX HTTP download. By default, application/octet-stream will be assigned by a generic webserver, which won't work. You need to do some HTTP response hacking.

Remote site and client private keys

I have a bit of a difficult situation in that I need a way for a client connected to an ASP.NET MVC site to sign and decrypt blobs with their private key, such that the server never sees the private key material. In the decryption case, these are encrypted session keys. It is acceptable that the server see the session key, just not the users private key.
That is, I need to present the user some content in a browser, have some javascript (or java applets, or silverlight, etc.) execute client side that communicates with a hardware token on the client, and returns the result to the server.
This is NOT client side authentication. I don't need to simply authenticate via IIS with a certificate. The hardware tokens are HID OmniKey USB readers.
My understanding of the options available are:
1. Mozilla Javascript Crypto - This seems to be the optimal route. It appears that Firefox exposes various smart card events and functionality to remote sites. I see how to sign text, but nothing about decrypting blobs (the largest goal). There seems to be methods for loading a PKCS#11 module, but the documentation seems to stop after that.
2. Silverlight with Elevated Trust - This is my second preferable route, because of familiarity with Silverlight and .NET. Silverlight 5 has the ability to P/Invoke, so I could always call the PC/SC modules, but this requires running Out of Browser, which I can't do. There seems to be some posts about running a Silverlight app In Browser with elevated trust, but this is a global setting, and so I don't want to diminish security for other applications.
3. ActiveX - An ActiveX component can interact with the PC/SC module, but this would be an Internet Explorer only solution. If forced to pick a required browser, I'd prefer Firefox or Chrome.
3. Firefox/Chrome Extension - My understanding is Firefox XPCOM is C++, and I can just directly call the PC/SC libraries, and the extension can interact with scripts/DOM on the remote site. I'm not sure how the remote site though can trigger a Firefox extension. In other words, how does the remote site tell the extension "ok, it's time to sign"? One such example of this route is XSign (though it doesn't use hardware tokens).
4. Java Applet - This might ultimately be the only way to do it. I've found a couple examples/guides, but I'm not familiar with Java. Java Applet for Signing with a Smart Card. In this case, it's just a simple applet that can communicate with the token, and post the results to the site.
Are there other options available? I believe option (1), Mozilla Javascript Crypto is the best approach, but the documentation is beyond sparse. Thanks for any guidance.
I have virtually examined all options. The last option (Java Applet) is the most appropriate for your case and easiest to implement. The downside is that JRE (Java Runtime Environment) should already be installed at client side and plays nice with the browser. User also has to grant permission to the applet to connect to his smart card at first run.
BTW if you want to use PKCS#7, you can use Bouncy Castle. It has no standard API in JDK.
PS: Don't use JavaScript for cryptography. Javascript Cryptography Considered Harmful.
Maybe you could consider just having the clients download a native application and install it (once). You can have them use that app to do the authentication and negotiate a session key with your server - the app could then launch a browser with the session key in the launch url. "Native" apps could probably be not that native - use java or .net (if you're windows only) or python etc.

ASP.NET application to make a skype call

I want to develop a web application that will have textbox and button. When the user enters a number and clicks on the submit button, I want to make a Skype call from the host. How can I do this?
Er... you're in for a world of pain. First, sure, your server could possibly make a skype call, but how would you handle the back-and-forth to your user's browser? Tons of custom programming with a rich client framework, that's how.
Better to let the user just use skype themselves. Look into the callto:// URI header for details.
Can't you setup your links with callto:// prefixes? If the user has the option enabled in Skype then the application will be associated with those links.
How to Use the Skype Callto:// Links
Perhaps you could build a link on the fly and initiate a call this way?
You can generate a link with HTML with a callto: address to launch the Skype client and make the call (if the client software is configured to do so), which is hopefully what you're looking for. See: http://chrisabraham.com/2005/05/05/how-to-hyperlink-to-a-skype-call-with-your-skype-contact-id-or-telephone-number/
If you want to actually get into the API, you'll need some kind of desktop C# application and interface with the Skype API, see following for details:
http://share.skype.com/sites/devzone/2006/12/c_example_project_for_skype4co.html
http://www.codeproject.com/KB/cs/skypecontrolapicsharp.aspx
So lets say you did launch a process on the server and automate the skype client on the web server. It then dials your customer via a phone located in the data center and the customer hears .... what? IIS isn't very talkative.
I know this is an old thread but we are getting a few visitors to our site from it. If you want to embed clickable links into your website that work with Skype please use the Skype URIs, see: https://dev.skype.com/skype-uri.
[Skype:echo123?call][1]

Resources