Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Encryption for notification emails #18236

Open
almereyda opened this issue Mar 13, 2025 · 0 comments
Open

Encryption for notification emails #18236

almereyda opened this issue Mar 13, 2025 · 0 comments

Comments

@almereyda
Copy link
Contributor

Description:

Synapse sends notification emails. These contain the plain text of a message, when it is unencrypted. They contain the phrase "An encrypted message." for encrypted ones.

It is imaginable that people put their GPG / S/MIME public Key / a reference to a fingerprint on a Keyserver into their profile and Synapse uses that to encrypt notification messages about encrypted messages.

This way people could keep a human-readable copy of the message, while privacy is still maintained.

Due to the complexity of key exchange and multiple data paths, we would probably have to assume a multitude of edge cases, in which things don't work or work differently than in others. This would need to be considered, e.g. optionally also continuing to send the "An encrypted message." plain text notifications, in case something breaks or to have usable notifications when the secrets are not available.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant