Thunderbird and end-to-end email encryption – summary of responses and proposed policy

R Kent James kent at caspia.com
Mon Aug 31 23:49:32 UTC 2015


The blog post and tb-planning thread on encryption had over 100 
responses, which at the very least shows a lot of interest in the 
subject. I'd like to try to summarize all of this, and how I think we 
should react.

First, I would like to acknowledge that those who are hesitant to 
endorse an emphasis on end-to-end email encryption (which I'll call 
e2e3) all have valid points. That is, e2e3 has the real issues as 
pointed out in the responses:

1)    It can cause significant degradation to the user experience for 
the vast majority of users for whom e2e3 is not an important priority. 
That takes many forms, including risk of content loss if password or key 
is lost, challenges in using webmail and search, and complex setups.

2)    The current Thunderbird development community does not have any 
significant expertise in e2e3.

3)    Given our total community and product, there are other issues that 
are more important that are not getting enough attention.

While all of this is true, there is an important counterbalance that 
motivates me. There is a significant community of people to whom e2e3 is 
very important, for a variety of reasons. Within that community, 
Thunderbird plays a vital role. I've heard it said a couple of times 
that when users of PGP get together, a majority of the people use the 
Thunderbird addon Enigmail as their PGP client. Also, client apps are 
uniquely suited to support e2e3 compared to web apps, and as the leading 
open-source multi-platform client email application, Thunderbird has a 
responsibility to be receptive to e2e3 issues unless we are opposed to 
the whole concept (which I did not see anybody propose).

We also have point 4 of the Mozilla Manifesto, which is still the 
guiding document of our affiliation with Mozilla: "Individuals’ security 
and privacy on the Internet are fundamental and must not be treated as 
optional."

So I propose the following statements and plans concerning our support 
of e2e3, which I believe is a reasonable response to the consensus of 
opinions I have heard over the last week:

1.    We should investigate including Enigmail as a shipped addon in 
future versions of Thunderbird.

2.    We would welcome partnering with individual developers, or 
organizations, who have a focus on security and privacy, and can provide 
some of the missing expertise and effort to allow us to better support 
communication security, privacy, and e2e3 in our product. As a 
corollary, we don't reasonably expect the existing core team to begin to 
emphasize e2e3 at the expense of other product priorities.

3.    We are open to proposals to incorporate within our core product 
improvements that would ease some of the user experience problems with 
e2e3 as long as they do not significantly detract from the user 
experience of those to whom e2e3 is not a priority.

These are not radical proposals, but they could move us in the right 
direction. Although comments are welcome, before you are overly 
critical, please ask yourself if you can't just get behind this. Community 
consensus is a precious thing that it would be great if we could achieve.

Kent James
