1873567 - Thunderbird should automatically refresh known OpenPGP keys from keyservers/WKD and possibly other sources (e.g. DNS)

Status: ASSIGNED

(MailNews Core :: Security: OpenPGP, enhancement)

Description

[Kai Engert [:KaiE:]]

Thunderbird should automatically refresh known OpenPGP keys from keyservers/WKD.

I think that enabling refreshing of OpenPGP keys by default, for all users, requires that we implement lookup privacy as a precondition (bug 1873171).

Comment 1

[Kai Engert [:KaiE:]]

Attachment: Bug 1873567 - Initial support for automatically refreshing OpenPGP keys. r=mkmelin

Depends on D197768

Comment 2

[Kai Engert [:KaiE:]]

(In reply to Kai Engert [:KaiE:] from comment #0)

I think that enabling refreshing of OpenPGP keys by default, for all users, requires that we implement lookup privacy as a precondition (bug 1873171).

I've changed my opinion. I no longer believe the strong privacy is a precondition.

Having updated keys is very important, to learn whether a key is revoked or not, or whether it has been extended after it expired.

I think that we should offer an option for users to route through a privacy protecting network, optionally.
Users who are worried about the leaking of their social graph can enable that pref, and configure Tor.

It would still be good to implement some of the ideas from bug 1873171 eventually, so that at some point we could enable that privacy by default.