[B][I][CENTER]One of the interesting pieces of functionality that I think Zimbra is missing is support for verified and secure communication.

In particular there is very similar functionality needed for bugs: 9046 - S/MIME Support, 6158 - PGP Support, and 13108-Domain Key Supports and finally 17147 - OpenID. These bugs all revolve around identification/verification (in other words, signing and validation) and encryption/decryption.

To solve all of these I have been working on "Encryption Services for Zimbra." In the best Zimbra fashion, the toolkit consists of a bit of open source magic (In particular the Bouncy Castle providers, the Cryptix libraries, and altermime) , some server glue (two server extensions to provide key server functionality) , and some javascript to allow users to encrypt/decrypt/sign/validate messages and files.

The basic idea is that we want to allow the user to securely send email without compromising keys,

option:

Key creation/deletion with passphrase and arbitrary key length.
Key stores in armored ASCII and PKR/SKR work.
Key's can be signed to validate identity
RSA and El GAmel keys work.
Message encryption/decryption in armored ASCII works.
Binary encryption/decryption works.
There is a pretty good JUNIT testing framework for all of this.
Flatfile keystores work fine.
Key's can be imported from other keyservers.

download https://www.firedrive.com/file/4CDEF8FFCC696196