Re: [Nms-cgi-devel] Feature Request

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Wed, 2005-10-12 at 02:24, Jonathon Hill wrote:

> I am a novice Perl programmer and web developer. I need to collect info
> from a form and have the info encrypted and e-mailed to me. I would be
> willing to try to make it work, but being a novice I figured you all
> would probably rather me keep my grubby little hands off your nice clean
> code! :-D  Anyhow, if anyone knows of a solution or is willing to add
> this feature to NMS FormMail, or has any other suggestions, please let
> me know.

This is unlikely to be something we are going to add to FormMail (unless
someone sends us a suitable patch of course) as we are focusing mostly
on our TFmail for new developments.

The problem we have with encryption is that in terms of the NMS programs
it is always going to rely on some external program or library as
implementing strong encryption in pure perl is going to be intolerably
slow in terms of program runtime and also will require a lot of time
from a skilled developer to implement.

Now in terms of using some external program we have a problem: we don't
know *what* programs are available and, bearing in mind that the
majority of the people using NMS programs are using shared hosting where
they are unable to install any new programs that need compilation, we
can't mandate a particular encryption program to be used.  Further even
if we were to assume that a particular encryption system (say GnuPG)
were available then it would be difficult for most peole to use as it
will require access to a shell on the server to create the keys and so
forth.

Of course this is not to say that we can't help you at all: I would
envisage creating a generalised pipeline filter mechanism for the e-mail
contents, I.E. a program can be specified that will process further the
standard content and that filtered content then supplied as an
attachment to the main message, so for instance (if one where to be
using GnuPG) one might specify something like:

    gpg --encrypt --armor -r jn...@ge... -

if you were sending an encrypted message to me. and you would end up
with an attachement like (this is just the output of 'ls' of course):

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.2.3 (GNU/Linux)

hQEOA1xBnKILf4CfEAP+ISKDcDk05wXcZ6jvpGijRmNlZIHtN4oekDW6Qssqq+GX
jHGWwGyxTKg8gzKnqs/FddwoLsE0u++1JXFbqOMpThVT3csgK/dniMw6HrSWHzSv
/drm5K1ZpjHV4+HDpn+6AbIYVIYKVn3pPh8tc1nbIoN/cDmJKQORQGbIsf2c1ucE
AN0CKMBccVQ3Pa/EjeWqPSUSB4vI1hi4pfJrWa7K3fuGZws+vruPZA+i/7trHl5k
DIaf0SHQXvKJOjfCWPVDlQdnRZBq5t9KV/GMV3s3AylaY2mUVKZAwJIGb9HZC10F
wLTbeR5di3wqsSTlVJ4hyvdhuF6NE0W4aCRlExI5+R8L0sBVAYsprmJd9n/qHqX9
j7dqPTZe8PMbZMKv5p8xcz0gkISimJeOfN1hrSqvTZxGwEqC9hy+eHnYB8Fe7p6X
jIJGjrP6nwOXx89E76KBfv1lWfWSgazbwHQuklAS0TeVr3M5PUafwfmwLnBBBbuu
uz5JB2ekds1nZstxz5m1IBQ/hy54HBgjWq2p7Ut3uC/MgV8PufkeZJ0j721vQaH9
mX04bKGTpdtU1XaIEv/6Zrl5fx1D0WK+J+ggjEJn9tclBNLRZbo+fuxBvn1GSvpa
VYgcI7WqeKn66Zmebj5Oaq7nX//va/uWlrKDs/eLt7pfMI1H70fugNZabaevkDHw
/Jmifm6Uick5QWyrJaSsds41+Ssao82cfg==
=zfch
-----END PGP MESSAGE-----

I guess that configuration would be also added to specify the content
type of the attachment and probably so separate templates could be
specified for the main body part and the unfiltered content of the
attachment.

Of course this all depends on some developer finding some time to
actually implement it, and as this is a volunteer effort no-one can make
any indication of when or if this will actually be done.  

Of course you might have a completely different idea of how the
encryption might be done, please feel free to supply some more detail.

/J\
-- 

This e-mail is sponsored by http://www.integration-house.com/