Open Bug 1703373 Opened 1 month ago Updated 10 days ago

Thunderbird caches and does not automatically refresh the content of pubring.pgp

Categories

(MailNews Core :: Security: OpenPGP, defect)

defect

Tracking

(Not tracked)

UNCONFIRMED

People

(Reporter: neal, Unassigned)

Details

The first time an OpenPGP function is used, Thunderbird scans the content of the pubring.gpg and secring.gpg files and caches the results. Thunderbird only updates the cache if the user goes into the OpenPGP Keyring Manager and selects File and then Reload Key Cache. This is annoying if an external program updates pubring.gpg in order to synchronize the public keyring across different computers.

It would be nice if Thunderbird would either drop the cache and just let RNP worry about managing the keyring, or if Thunderbird would watch the files (e.g., on Linux using inotify) and then reload them as required.

In general we don't support letting external applications poke the Thunderbird internal files, which I think there should be considered to be. So this might be wontfix.

Is there any API available to modify the keyring? I understand from the Mailfence and Thunderbird partnership announcement that functionality like this will be added:

Thunderbird, will benefit from an automatic sync with all of the Mailfence tools: email, calendar, contacts, and encryption keys.

(my emphasis)

Currently, the Octopus implements a Parcimonie-like service. If a key has been superseded, Sequoia may find it (e.g., in WKD). Unfortunately, the user will only notice when they restart Thunderbird. Even if Thunderbird doesn't want to support the Octopus, Parcimonie-type of functionality could be added to RNP, and then something like this would be needed.

Finally, people are doing this anyway so it would be good to support them.

There's no API for something like that.

You need to log in before you can comment on or make changes to this bug.