- is it possible to not encrypt a message ?
Absolutely. Encryption is purely optional. I just added to the existing "Preview" and "Submit" buttons a masked text input for the encrypt key and an "Encrypt & Submit" button.
(Being able to quote a decrypted message was a bit tricker. I had to replace, when a decrypted message was being viewed, the simple hypertext link of the quote button with an actual form input button that used POST VARS - because, otherwise, the encryption key would be visible in the URL.)
- how do you transmit to another user the key you've used to encrypt a message ?
There's always something. <grin> If you want to keep the key a secret, you could send an innocuous email message talking about, say, the weather. Then, after you'd deleted the message from your Sent items, and the recipient from their Inbox, you could refer to something you'd said and use that. (It would have to take a concerted effort for an administrator to then go through all correspondence and try to figure out the reference - depending, of course, on how subtle you were - and if both referencing messages had been deleted, then it would never be figured out.)
Yes, you're right that there's no straight forward way of doing this. (Although perhaps if both parties have actual email accounts.) But it could be worked out.
i like the idea.. however since (ideally) only admins have access to the db, it might follow that those admins that might consider installing this, dont need to since theyre not peeping into ppl's pm's, and those that are peeping, wont want to install it.
There could be other reasons.
- To reassure people that things really are safe - from a user perspective, wouldn't it be nice to know that you could encrypt a message so that nobody, including any administrator, could view it? Everything being equal, I'm sure that people (those who cared about the issue anyway) would rather communicate on a site where this was present than where it was lacking - so it's a good "selling feature" to attract more users. (In combination with SSL only access to your site it would make PMs pretty much foolproof.) As an example, I had one user of a board I moderate PM me, asking if their PMs were really not viewable by anyone. I had to tell them that, in theory, the administrator could view them...
- If there are two or more administrators running the site and one or more of them wants to be sure that the others will never be able to see one of their messages.
- To be protected in case somebody hacks into the system.
- If you're sharing your computer with other people and want to make sure that something you're reading is only accessible at the time that you've supplied the password and decrypted it (once you've cleared the decrypted version of the message, even if somebody sits down at your computer and looks at your Inbox, including the encrypted message, they won't be able to decrypt it to read it if they don't know the password).