Konfidi Client Logic

From Konfidi

Jump to: navigation, search

The following is the logic that the email cli-filter currently uses. Most clients will work in a similar manner, depending on their context.

  • Options
    • process arguments
    • guess source fingerprint, from GnuPG private keyring
    • load config file
  • Parse email
  • Initial headers
    • strip all existing konfidi & pgp headers
    • add header "X-Konfidi-Client: cli-filter 0.1"
  • Get content and signature
  • Validate signature
  • Validate that 'From: ' address is one listed on the key used to sign
  • Add PGP headers
    • X-PGP-Signature
      • "none"
      • "public key not available"
      • "from mismatch"
      • "valid"
      • "invalid" ...
    • X-PGP-Fingerprint
      • long fingerprint
  • Query konfidi server
  • Add konfidi headers
    • X-Trust-Email-Rating
      • result from konfidi server
    • X-Trust-Email-Level
      • round(rating*10) x '*'
Personal tools