Thunderbird doesn't seem to easily allow using a PGP key for e-mail XYZ for a different e-mail ZYX if ZYX is one of the send identities
Categories
(MailNews Core :: Security: OpenPGP, defect)
Tracking
(Not tracked)
People
(Reporter: el, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:129.0) Gecko/20100101 Firefox/129.0
Steps to reproduce:
Thunderbird doesn't seem to easily allow using a PGP key for e-mail XYZ for a different e-mail ZYX. This is what I tried:
- Open "Account settings"
- Go to "End-to-End Encryption"
- Open "OpenPGP Key Manager": it lists a key with the setting "Yes, treat this as a personal key". The e-mail listed for it is a different one than the one of my main account, BUT(!) it is listed as one of my alternate sending names(!).
- Now open a "Write" window to compose a new e-mail. The "Encrypt" button is completely grayed out. While I would want to use this key with any sender if I'm in the mood for it, it's also grayed out when I select the sender identity this key is specifically set up for and named for. That seems like an inherent fumbling of the UI of sender identities and I assume it instead just strictly matches the main address of the account, which seems like a bug. Nevertheless, I would want to use this key with any sender if I want to.
My apologies if this is possible via some obvious route after all, and I just missed it.
Actual results:
Can't use PGP key for any sender identity as I please, because "Encrypt" is grayed out in the "Write" composition window.
Expected results:
There doesn't seem to be any obvious way to use a PGP key for whatever account and sender identity that I want, at least I can't see any way to fix it inside the composition window. In the "OpenPGP Key Manager", there also doesn't seem to be any way to configure what accounts and identities I want to use this key for. While it should be allowed by default at the very least for matching sender addresses which for some reason doesn't seem to be the case either, I would want to use it for others as well.
The "Thunderbird doesn't have a personal OpenPGP key for <account name>" > "Add Key..." setting in the "End-To-End Encryption" pane also only allows "Create a new OpenPGP Key" and "Import an existing OpenPGP Key", even though the key was already imported. I assume that again, some mechanism decides for me that since it doesn't match the main account identity (even though it does match one of the sender identities!) that I must be in some way not even offered to possibly use this key. That seems unfortunate, since that is what I want to do. A workaround for this situation would be nice! If it presented me with some angry warning dialog and made me confirm multiple times before using the "wrong" key that would be fine.
Comment 2•10 months ago
This is per design. It's important that the key associated actually is for the correct email it specifies. If you want to use it for another email, you can amend the key to allow that secondary email address as well.
It also doesn't work for the send identities, I'm assuming you missed that and this is a misunderstanding. Therefore I'm reopening for now. I assume that the send identities aren't meant to be impossible to use with GPG, which seems to be the case now. If I'm reopening this in error I'm very sorry.
I also changed the bug title to reflect this better.
Comment 4•10 months ago
If you want to use an OpenPGP personal/private key with an email identity in Thunderbird,
it's required that one of the user IDs of that key lists the email address of your Thunderbird email identity.
I think not requiring to do so would result in a very confusing user experience.
If we allowed alice@example.com to use a key in the name of eve@example.com:
- Alice attaches a key in the name of Eve.
- Bob receives an email from Alice
- Bob wants to send an encrypted email to Alice
- Bob doesn't find an OpenPGP key for Alice's email address
- How is Bob supposed to know that he should encrypt to the key saying "this is the key of Eve" when trying to encrypt for Alice?
Similarly, if we allowed Alice to digitally sign an email using a key that says "this is Eve's key",
then Bob would receive an email that says "this email was sent by Alice, but signed by Eve".
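As an added example (not Thunderbird's code), the following mimics the rule stated above: a personal key may only be assigned to an identity whose address appears in one of the key's user IDs, checked identity by identity rather than against the account's main address. The key user IDs and addresses are constructed from the ones mentioned in this thread, and comparing the whole address case-insensitively is an assumption.

```python
"""Match OpenPGP key user IDs against Thunderbird identities (added example)."""
from email.utils import parseaddr
from typing import Iterable, List, Optional, Set

# Constructed sample data: the key's user IDs, the account's main address
# and the identities configured under that account.
KEY_USER_IDS = [
    "El <el@horse64.org>",
    "El (work) <El@Horse64.ORG>",  # same mailbox, different letter case
]
ACCOUNT_ADDRESS = "xyz@example.com"
SEND_IDENTITIES = ["xyz@example.com", "el@horse64.org"]


def uid_address(user_id: str) -> Optional[str]:
    """Return the lowercased address from a user ID, or None if it has none.

    OpenPGP user IDs are free-form: "Name (comment) <addr>" or a bare address.
    email.utils.parseaddr handles both shapes and strips the comment.
    """
    _, addr = parseaddr(user_id)
    if not addr or "@" not in addr:
        return None
    local, _, domain = addr.partition("@")
    # Assumption: compare the whole address case-insensitively, not just the domain.
    return f"{local.lower()}@{domain.lower()}"


def key_addresses(user_ids: Iterable[str]) -> Set[str]:
    """All addresses a key vouches for, one per user ID that carries one."""
    return {a for a in (uid_address(u) for u in user_ids) if a}


def key_usable_for(identity_address: str, user_ids: Iterable[str]) -> bool:
    """True if this identity may be assigned the key (comment 4's rule)."""
    return identity_address.lower() in key_addresses(user_ids)


def usable_identities(user_ids: Iterable[str], identities: Iterable[str]) -> List[str]:
    """Identities the key can be selected for in their per-identity E2E settings."""
    return [i for i in identities if key_usable_for(i, user_ids)]


if __name__ == "__main__":
    # The account address alone does not qualify, but the matching identity does.
    print("account:", key_usable_for(ACCOUNT_ADDRESS, KEY_USER_IDS))
    print("identities:", usable_identities(KEY_USER_IDS, SEND_IDENTITIES))
```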
it's required that one of the user IDs of that key lists the email address of your Thunderbird email identity.
Assuming I understand that correctly, that's the case that doesn't seem to work. For example, my e-mail account is different to el@horse64.org which I use here on the bug tracker, let's say it would be xyz@example.com. However, I have a send identity el@horse64.org which uses a different SMTP but the same account with the same IMAP. The key is for el@horse64.org but Thunderbird doesn't let me use it even when I pick el@horse64.org as a send identity, and it seems like it wants a key that also covers xyz@example.com instead. That seems like a design bug to me. My apologies if I'm just misunderstanding something.
then Bob would receive an email that says "this email was sent by Alice, but signed by Eve".
For what it's worth, for how I previously planned to use it, that would have been fine with me, but let's maybe forget about that use case.
Comment 6•10 months ago
It can be selected, but not at compose time. You have to go to account settings, and for the specific identity go to its E2E settings and select the key that is configured for the email address in question.
Ah, thanks, and my apologies for not noticing!
It would be useful if this was pointed out in the dialog at "Account Settings" > "End to End Encryption" > "OpenPGP" > "Add Key..." where it will just plain refuse to use any keys without any clear indicator whatsoever that there are identity-specific settings that WOULD allow me to choose a key.
Nevertheless, this was clearly a user error on my end, so I'm closing the ticket again.