add support for autocrypt by default in Thunderbird
Categories
(MailNews Core :: Security: OpenPGP, enhancement)
Tracking
(Not tracked)
People
(Reporter: martin.monperrus, Unassigned)
References
Details
Autocrypt https://autocrypt.org/ is a promising direction for disseminating end-to-end encryption in the email realm.
This issue collects ideas and feedback on adding support for autocrypt by default in Thunderbird
References:
Updated•4 years ago
|
Comment 2•4 years ago
|
||
Today I also faced the problem with the update of thunderbird in debian. With thunderbird+enigmail I had working autocrypt which is broken since todays update. Now messages are sent unencrypted to contacts to whom the messages before have been encrypted.
I am a supporter of Autocrypt. As Monperrus correctly wrote in the OP, Autocrypt is mainly for "disseminating end-to-end encryption in the email realm".
In the Debian bug You linked, You wrote "sending sensitive information unencrypted while expected it being encrypted might be dangerous.".
Securing sensitive information is not the Autocrypt approach. Autocrypt follows the new perspective of opportunistic security: Encrypt if possible, otherwise send unencrypted, but make it easy for the mass of users to get encryption disseminated in a first step.
Nevertheless, I agree that if Autocrypt in TB 78 does less encryption than with Enigmail, this should be improved. Clear text is not wrong, but more encryption is better ;)
Comment 4•4 years ago
|
||
xref bug 135636
(In reply to Magnus Melin [:mkmelin] from comment #4)
xref bug 135636
OMG! Thank You all very much that You do Your great work on this other 19 year old bug (and KaiE astonishingly even commented in the bug already at that time). What a time journey, Netscape 4.x is referred to, what screenshots. Interestingly, opportunistic security was already an idea then.
Glad, that this topic is in hands of such professional, longstanding heroes.
Comment 6•3 years ago
|
||
I run TB86 as my daily email while I wait for essential functionality that was previously provided by plugins, such as Enigmail, to be either built into TB 78+ or enabled by less alienated developers. To keep up, I run TB daily on another box. There's some nice features (rational date/time formats YAY!) and while the core GPG support is starting to be usable, though there's a huge amount of work to be done before it comes close to matching the features of Enigmail, there's no support for autocrypt yet. Unfortunately, this is a core capability for an email client and unless/until web extensions supports the necessary hooks, the only options are to remain with TB 68 for daily use (me so far) or switch to Interlink Mail and News as we had to do when FireFox self-immolated and people who cared switched to Waterfox (or Chrome).
Comment 8•1 year ago
|
||
There's a lot more parts to Autocrypt than that. But perhaps sufficient.
FTR, "manual import of autocrypt sender key" is https://bugzilla.mozilla.org/show_bug.cgi?id=1631198 (FIXED)
Description
•