OpenPGP: prefs mailnews.send_plaintext_flowed and mail.server.default.mime_parts_on_demand
Categories
(MailNews Core :: Security: OpenPGP, task)
Tracking
(Not tracked)
People
(Reporter: KaiE, Unassigned)
References
(Blocks 1 open bug)
Details
The Enigmail add-on overrides the default values of the following prefs:
// disable flowed text by default
pref("mailnews.send_plaintext_flowed", false);
// disable loading of IMAP parts on demand
pref("mail.server.default.mime_parts_on_demand", false);
Let's track the decision for TB regarding these prefs, and potential consequences of not using the Enigmail preferred values.
|
||
Comment 1•5 years ago
|
||
I should probably explain why I change these defaults in Enigmail:
pref("mailnews.send_plaintext_flowed", false);if we send inline-PGP messages, then flowed text must be disabled as it allows to re-arrange the message text, which will lead to invalid signatures or non-decryptable messages. Being part of Thunderbird, we might be able to disregard the setting for inline-PGP (i.e. if the user creates an inline-PGP message, we ignore format=flowed settings). Alternatively, we might not offer the possibility to create inline-PGP messages.pref("mail.server.default.mime_parts_on_demand", false);if Thunderbird does not download the complete message, then PGP/MIME messages can't be decrypted or verified. I believe that this does not happen for S/MIME messages (i.e. that setting is disregarded for S/MIME), and we could just as well do the same for PGP/MIME messages
|
||
Comment 2•5 years ago
|
||
Well, mailnews.send_plaintext_flowed", false is a pain in Enigmail. I'm forcing it to true in a user.js and I've never seen a problem with PGP/MIME messages. As Patrick said, only an issue using inline-PGP.
|
Reporter | |
Comment 3•5 years ago
|
||
Patrick, thanks for the explanations.
Sounds like we should keep both prefs at the TB default values, and dynamically adjust the behavior as necessary, only if necessary.
|
||
Updated•2 years ago
|
Description
•