Affected version(s): OX Guard 2.xx
Scenario
Imagine following scenario:
- OX App Suite user <karla@appsuite.org> sends an encrypted email to unknown external user <jakob@somewhere.net>
- OX Guard will create a guest account for Jakob which also creates a guest PGP key in OX Guard
- At some point Jakob decides that PGP is quite a cool thing and creates his own PGP key which he uses in his mail client
What needs to be done to tell OX Guard not to use the guest account in the future anymore but Jakob's new key?
Solution
Currently neither Karla nor Bob can mark the guest account as deprecated or even delete it. This can only be done by the App Suite admin. To get rid of the guest account's key, the account has to be deleted, using the command line tool
# /opt/open-xchange/guard -D jakob@somewhere.net
Important
Deleting the guest account also deletes all the encrypted content without any chance to restore this data.