ePGP extension for mobile

Tue Dec 31 09:58:22 CET 2013

Olav,

Thanks for the pointers below but they do not exactly address my needs.

I've definitely done some reading. The current ePGP tool as-is is more of
 desktop solution. The question I sort o ask was: Is there an Enterprise
PGP solution for mobile devices running Android/iOS?

Best,

Edwin

On Tue, Dec 31, 2013 at 1:56 AM, Olav Seyfarth <olav at enigmail.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: RIPEMD160
>
> Hi Edwin,
>
> > The question is about data-in-motion (email). "Is there a way to extend
> the
> > deployment to cater for emails sent from mobile devices (running Android
> > and iOS OSes)?"
>
> I am sure you did a search before you posted this, didn't you?
> It should have revealed at least these:
>
> ANDROID
>
> AFAIK K9/Kaiten + APG was the first OpenPGP Mail solution for Android:
> https://play.google.com/store/apps/details?id=com.fsck.k9
> https://play.google.com/store/apps/details?id=com.kaitenmail
> https://play.google.com/store/apps/details?id=org.thialfihar.android.apg
>
> There also is a fully integrated app; its UI is not as smooth as Kaiten
> yet:
>
> https://play.google.com/store/apps/details?id=at.rundquadrat.android.r2mail2
>
> A standalone GnuPG implementation (e.g. for key management or own
> solutions):
> https://play.google.com/store/apps/details?id=info.guardianproject.gpg
>
> IOS
>
> I don't own/use Apple phones, so I cannot rate these apps, please test
> yourself:
> https://itunes.apple.com/de/app/opengp/id414003727
> https://itunes.apple.com/de/app/ipgmail/id430780873
>
>
> <OT>
>
> I cannot tell the quality of those apps in respect of robustness against
> attacks
> or about the qualification of their developers. If you use these apps, you
> effectively trust them blindly. I'm not telling you shouldn't (I also use
> them).
> But taking into account that implementing a crypto system is the "hard
> part" and
> most past practical attacks against crypto systems only were only feasible
> due
> to weak programming or system engineering (and not the crypto itself,
> which most
> probably is used by these apps in form of libraries), it's worth thinking
> about.
> Well, but what's the alternative? Bying something from RSA? *smirk*
>
> Although I hold a dregree in computer scince, I am not a programmer and
> cannot
> peer review these apps. But I feel this would be necessary and maybe
> someone on
> the list already reviewed or is willing to one or another app source.
> Would be
> interesting to hear about. Concering this list: is that too off-topic?
>
> Due to the nature of device roaming, on mobile devices other questions
> arise,
> too. At least think about device authentication, encrypted storage
> (device/app),
> and whether want to use/store the same secret key (or use different
> (sub)keys).
>
> </OT>
>
>
> Olav
> - --
> The Enigmail Project - OpenPGP Email Security For Mozilla Applications
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
> Comment: Dies ist eine elektronische Signatur - http://www.enigmail.net/
>
> iQGcBAEBAwAGBQJSwiQgAAoJEKGX32tq4e9WsLEL/0LmTMZ8+obDRgfUuVqBpM7t
> Lc7FOkar/ibJvdTW5/O2O40cIwRFzVnIQE1nZ3H5eyVEJ7eCdb/Ofub+30kcCV5O
> q/a2mYOUfrabIcxsNX9Lf3RcUEczigoQnTKG9f5m6qY70DE/G9toE5cfUmP+E2QG
> H0cHTYqSc4TN67CioiSHNgn0EMTVuTxHNz9MsnOLWrF3GrV8YiqUuRf7DvkZ9kiv
> Uf/xSR0yMi/7QnZ+TviYyXShYpLcggeKjS5/lUREEJhRNGBprUmd8smeZFOSvxbm
> iNI1XEjpuaeqGbdJWJnodZ28/n7Wrd7dA4WWQQFfGzlvMvt+GSoZlKKYrJMpJ8uI
> Ke7l523BAIPgXEbd9wh6sUBW2h7DUoDXBmmA+rD+iIxbFaL/2n2NIH30m/pRJ8H+
> qaeN4CJYNdLhwWN7Fo4wudmjouYsB0w4im965opc0AfsL5ItQuC1voRbFxLigcAn
> Gk+a4vzDankDwl5OpSTrWHNJD2jkc4C/MJQ43+6m6Q==
> =xIXi
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20131231/da092c77/attachment.html>