Re: Thunderbird and end-to-end email encryption – summary of responses and proposed policy
brong at fastmail.fm
Tue Sep 1 03:38:26 UTC 2015
This one I whole-heartedly support. Actual end-to-end encryption in which
the intermediate servers are just dumb transport is still the gold standard
for actual security (with the tradeoffs you mention of key management and

Certainly promoting Enigmail more is a no-brainer. It already exists, and
it's already popular. Making it easier for people to set up and use is
the lowest hanging fruit of all.

On Tue, Sep 1, 2015, at 09:49, R Kent James wrote:
> The blog post and tb-planning thread on encryption had over 100
> responses, which at the very least shows a lot of interest in the
> subject. I'd like to try to summarize all of this, and how I think we
> should react.
>
> First, I would like to acknowledge that those who are hesitant to
> endorse an emphasis on end-to-end email encryption (which I'll call
> e2e3) all have valid points. That is, e2e3 has the real issues as
> pointed out in the responses:
>
> 1) It can cause significant degradation to the user experience for
> the vast majority of users for whom e2e3 is not an important priority.
> That takes many forms, including risk of content loss if password or key
> is lost, challenges in using webmail and search, and complex setups.
>
> 2) The current Thunderbird development community does not have any
> significant expertise in e2e3.
>
> 3) Given our total community and product, there are other issues that
> are more important that are not getting enough attention.
>
> While all of this is true, there is an important counterbalance that
> motivates me. There is a significant community of people to whom e2e3 is
> very important, for a variety of reasons. Within that community,
> Thunderbird plays a vital role. I've heard it said a couple of times
> that when users of PGP get together, a majority of the people use the
> Thunderbird addon Enigmail as their PGP client. Also, client apps are
> uniquely suited to support e2e3 compared to web apps, and as the leading
> open-source multi-platform client email application, Thunderbird has a
> responsibility to be receptive to e2e3 issues unless we are opposed to
> the whole concept (which I did not see anybody propose).
>
> We also have point 4 of the Mozilla Manifesto, which is still the
> guiding document of our affiliation with Mozilla: "Individuals’ security
> and privacy on the Internet are fundamental and must not be treated as
>
> So I propose the following statements and plans concerning our support
> of e2e3, which I believe is a reasonable response to the consensus of
> opinions I have heard over the last week:
>
> 1. We should investigate including Enigmail as a shipped addon in
> future versions of Thunderbird.
>
> 2. We would welcome partnering with individual developers, or
> organizations, who have a focus on security and privacy, and can provide
> some of the missing expertise and effort to allow us to better support
> communication security, privacy, and e2e3 in our product. As a
> corollary, we don't reasonably expect the existing core team to begin to
> emphasize e2e3 at the expense of other product priorities.
>
> 3. We are open to proposals to incorporate within our core product
> improvements that would ease some of the user experience problems with
> e2e3 as long as they do not significantly detract from the user
> experience of those to whom e2e3 is not a priority.
>
> These are not radical proposals, but they could move us in the right
> direction. Although comments are welcome, please before you are overly
> critical ask yourself if you can't just get behind this. Community
> consensus is a precious thing that would be great if we could achieve.
>
> Kent James
> tb-planning mailing list
> tb-planning at mozilla.org
brong at fastmail.fm