Re: Thunderbird and end-to-end email encryption – summary of responses and proposed policy

Bron Gondwana brong at
Tue Sep 1 03:38:26 UTC 2015

This one I whole-heartedly support.  Actual end-to-end encryption in which
the intermediate servers are just dumb transport is still the gold standard
for actual security (with the tradeoffs you mention of key management and
multiple-client coordination).

Certainly promoting Enigmail more is a no-brainer.  It already exists, and
it's already popular.  Making it easier for people to set up and use is
the lowest hanging fruit of all.


On Tue, Sep 1, 2015, at 09:49, R Kent James wrote:
> The blog post and tb-planning thread on encryption had over 100
> responses, which at the very least shows a lot of interest in the
> subject. I'd like to try to summarize all of this, and how I think we
> should react.
>
> First, I would like to acknowledge that those who are hesitant to
> endorse an emphasis on end-to-end email encryption (which I'll call
> e2e3) all have valid points. That is, e2e3 has the real issues as
> pointed out in the responses:
>
> 1) It can cause significant degradation to the user experience for
> the vast majority of users for which e2e3 is not an important priority.
> That takes many forms, including risk of content loss if password or key
> is lost, challenges in using webmail and search, and complex setups.
>
> 2) The current Thunderbird development community does not have any
> significant expertise in e2e3.
>
> 3) Given our total community and product, there are other issues that
> are more important that are not getting enough attention.
>
> While all of this is true, there is an important counterbalance that
> motivates me. There is a significant community of people to whom e2e3 is
> very important, for a variety of reasons. Within that community,
> Thunderbird plays a vital role. I've heard it said a couple of times
> that when users of PGP get together, a majority of the people use the
> Thunderbird addon Enigmail as their PGP client. Also, client apps are
> uniquely suited to support e2e3 compared to web apps, and as the leading
> open-source multi-platform client email application, Thunderbird has a
> responsibility to be receptive to e2e3 issues unless we are opposed to
> the whole concept (which I did not see anybody propose).
>
> We also have point 4 of the Mozilla Manifesto, which is still the
> guiding document of our affiliation with Mozilla: "Individuals’ security
> and privacy on the Internet are fundamental and must not be treated as
> optional."
>
> So I propose the following statements and plans concerning our support
> of e2e3, which I believe is a reasonable response to the consensus of
> opinions I have heard over the last week:
>
> 1. We should investigate including Enigmail as a shipped addon in
> future versions of Thunderbird.
>
> 2. We would welcome partnering with individual developers, or
> organizations, who have a focus on security and privacy, and can provide
> some of the missing expertise and effort to allow us to better support
> communication security, privacy, and e2e3 in our product. As a
> corollary, we don't reasonably expect the existing core team to begin to
> emphasize e2e3 at the expense of other product priorities.
>
> 3. We are open to proposals to incorporate within our core product
> improvements that would ease some of the user experience problems with
> e2e3 as long as they do not significantly detract from the user
> experience of those to whom e2e3 is not a priority.
>
> These are not radical proposals, but they could move us in the right
> direction. Although comments are welcome, please before you are overly
> critical ask yourself if you can't just get behind this. Community
> consensus is a precious thing that would be great if we could achieve.
>
> Kent James

  Bron Gondwana
  brong at
