[GH-ISSUE #680] Send access to the content instead of sending the actual content by email #442

New issue

Open

opened 2026-02-25 21:35:03 +03:00 by kerem · 0 comments

kerem commented

2026-02-25 21:35:03 +03:00

Owner

Originally created by @marclaporte on GitHub (Feb 24, 2023).
Original GitHub issue: https://github.com/cypht-org/cypht/issues/680

Originally assigned to: @David-Muhasa on GitHub.

Background: https://www.fastmail.com/blog/email-is-your-electronic-memory/

"The email in your mailbox is your copy of what was said, and nobody else can change it or make it go away." This is great. But there are cases where the sender doesn't want this.

The sender wants to invite someone to access messages, without sending the actual content by email. Why?

High security content like contracts or medical information
You may want to send via a chat app
Remove risk of only part of the emails arriving (dealing with spams and bounces)
Big file attachments that would be refused by certain mail servers. Ex.: https://www.hey.com/features/big-files/
Time sensitive message (access it within 14 days or you lose access)

So instead, you want a workflow like this:

Send a secret link where user is requested a second code.
This second code (2FA) is sent when user accesses the link above (This avoids old links to be usable without current access to mailbox or chatbox)
User accesses info. Likely a mailbox with previous messages in and out.

This may be well out of scope of Cypht. For example, some use Cypht on a machine which is not available online (effectively replacing a desktop mail client like Thunderbird). Thus: if the Cypht community/code base is not appropriate for this, we can do in Tiki (which bundles Cypht): https://doc.tiki.org/Cypht

Originally created by @marclaporte on GitHub (Feb 24, 2023). Original GitHub issue: https://github.com/cypht-org/cypht/issues/680 Originally assigned to: @David-Muhasa on GitHub. Background: https://www.fastmail.com/blog/email-is-your-electronic-memory/ "The email in your mailbox is your copy of what was said, and nobody else can change it or make it go away." This is great. But there are cases where the sender doesn't want this. The sender wants to invite someone to access messages, without sending the actual content by email. Why? - High security content like contracts or medical information - You may want to send via a chat app - Remove risk of only part of the emails arriving (dealing with spams and bounces) - Big file attachments that would be refused by certain mail servers. Ex.: https://www.hey.com/features/big-files/ - Time sensitive message (access it within 14 days or you lose access) So instead, you want a workflow like this: * Send a secret link where user is requested a second code. * This second code (2FA) is sent when user accesses the link above (This avoids old links to be usable without current access to mailbox or chatbox) * User accesses info. Likely a mailbox with previous messages in and out. This may be well out of scope of Cypht. For example, some use Cypht on a machine which is not available online (effectively replacing a desktop mail client like Thunderbird). Thus: if the Cypht community/code base is not appropriate for this, we can do in Tiki (which bundles Cypht): https://doc.tiki.org/Cypht A related idea: https://www.hey.com/features/sharable-links/