- authentication using Apache Directory Studio (LDAP)
- client generates private key and certificate signing request
- the CA (server.py) stores a signed certificate for that user
- when a client wants to send a message to another destination:
- first it requests the destinations certificate from the server
- then it encrypts the message using its public key and sends it to the server
- when a client receives an encrypted message:
- it decrypts it using its private key
