Deuxfleurs/aerogramme.deuxfleurs.fr
17
0
Fork 0
Code Pull requests Activity

Finalize the "concepts" part

Browse source
This commit is contained in:
Quentin 2024-01-23 10:20:19 +01:00
parent a1d94f6356
commit 9063b77e19
Signed by: quentin
GPG key ID: E9602264D639FF68
3 changed files with 22 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
content/documentation/design/_index.md
View file

@ -7,13 +7,27 @@ template = "documentation.html"
## Goals
**Highly resilient** - Multiple instances of Aerogramme can been run in parallel without coordination.
Multi-region support, survive datacenter failures.
**Easy to operate** - Transparently replicate mailbox and solve conflicts. Integrate with your LDAP server. Privacy friendly
**Per-user encryption of mailboxes.**
Can be run as a local proxy to hide your mailbox content from the server.
## Main concepts
[Per-user encryption](@/documentation/design/per-user-encryption.md) - TODO
[Per-user encryption](@/documentation/design/per-user-encryption.md) - Aerogramme can't persist data in plain text,
instead its whole data model is built upon the idea that a mailbox is a series of encrypted blob. These blobs do not reveal
the mailbox name, the metadata of stored emails or even the flags that have been put on them.
[Unbreakable mailboxes](@/documentation/design/unbreakable-mailboxes.md) - TODO
**Continuous Mailbox Merging** - As multiple instances of Aerogramme can be run simultaneously, and that's possible
that 2 instances interact with the same mailbox (over Garage), each process monitors external writes for the mailbox
they track and automatically do the merging [in a correct way](@/documentation/internals/imap_uid.md).
**Modular design** - Login and Mailbox storage is abstracted behind an interface: multiple
implementations are thus possible.
**Micro-service** - Stateless. 12 factor app.
**Microservice** - Aerogramme is stateless and tries to adhere as much as possible to the [12 factor app](https://12factor.net/) principles so it's easy to run in a cluster.

5
content/documentation/design/per-user-encryption.md
View file

@ -8,6 +8,11 @@ Aerogramme can't store plaintext data, instead all users data must be encrypted
Of course, cryptography is always a tradeoff with other properties (usability, compatibility, features, etc.),
so the way the key is derived and where the encryption/decryption can take place can be configured.
## Compared to PGP
PGP only encrypts the body of the email, it keeps in cleartext the metadata of your email (fields like From:, To:, or Subject: are readable by an attacker),
it can't protect your flags, your mailbox names, etc. Conversely, all this data is encrypted in Aerogramme.
## Security flavors
These different configurations are identified as flavors:

6
content/documentation/design/unbreakable-mailboxes.md
View file

@ -1,6 +0,0 @@
+++
title = "Unbreakable mailboxes"
weight = 20
+++
Test