Thunderbird and end-to-end email encryption – summary of responses and proposed policy
R Kent James
kent at caspia.com
Mon Aug 31 23:49:32 UTC 2015
The blog post and tb-planning thread on encryption had over 100
responses, which at the very least shows a lot of interest in the
subject. I'd like to try to summarize all of this, and how I think we
First, I would like to acknowledge that those who are hesitant to
endorse an emphasis on end-to-end email encryption (which I'll call
e2e3) all have valid points. That is, e2e3 has the real issues as
pointed out in the responses:
1) It can cause significant degradation to the user experience for
the vast majority of users for whom e2e3 is not an important priority.
That takes many forms, including risk of content loss if password or key
is lost, challenges in using webmail and search, and complex setups.
2) The current Thunderbird development community does not have any
significant expertise in e2e3.
3) Given our total community and product, there are other issues that
are more important that are not getting enough attention.
While all of this is true, there is an important counterbalance that
motivates me. There is a significant community of people to whom e2e3 is
very important, for a variety of reasons. Within that community,
Thunderbird plays a vital role. I've heard it said a couple of times
that when users of PGP get together, a majority of the people use the
Thunderbird addon Enigmail as their PGP client. Also, client apps are
uniquely suited to support e2e3 compared to web apps, and as the leading
open-source multi-platform client email application, Thunderbird has a
responsibility to be receptive to e2e3 issues unless we are opposed to
the whole concept (which I did not see anybody propose).
We also have point 4 of the Mozilla Manifesto, which is still the
guiding document of our affiliation with Mozilla: "Individuals’ security
and privacy on the Internet are fundamental and must not be treated as
So I propose the following statements and plans concerning our support
of e2e3, which I believe is a reasonable response to the consensus of
opinions I have heard over the last week:
1. We should investigate including Enigmail as a shipped addon in
future versions of Thunderbird.
2. We would welcome partnering with individual developers, or
organizations, who have a focus on security and privacy, and can provide
some of the missing expertise and effort to allow us to better support
communication security, privacy, and e2e3 in our product. As a
corollary, we don't reasonably expect the existing core team to begin to
emphasize e2e3 at the expense of other product priorities.
3. We are open to proposals to incorporate within our core product
improvements that would ease some of the user experience problems with
e2e3 as long as they do not significantly detract from the user
experience of those to whom e2e3 is not a priority.
These are not radical proposals, but they could move us in the right
direction. Although comments are welcome, please, before you are overly
critical, ask yourself if you can't just get behind this. Community
consensus is a precious thing that would be great if we could achieve.