Thunderbird 78, Enigmail and OpenPGP secure email

Wiktor Kwapisiewicz wiktor at metacode.biz
Tue Oct 8 11:44:03 UTC 2019


Hello,

> As a replacement, the Thunderbird team intends to develop integrated
> OpenPGP messaging for the next major version of Thunderbird, which will
> be released in summer 2020 (likely version 78).


That's great to hear! Given the number of people that use Thunderbird 
daily, providing built-in OpenPGP can tremendously lower the effort 
needed to encrypt e-mails.

> Please have a look at the following article which describes the approach
> we'd like to take:
>   https://wiki.mozilla.org/Thunderbird:OpenPGP:2020

The wiki page is very well written. If you don't mind I've got a few 
minor comments:

> We intend to identify and use another existing library that provides support for creating and processing OpenPGP messages, and we will try to reuse parts of Enigmail that aren’t specific to GnuPG.

As far as I know there are two: OpenPGP.js, that is re-used by the 
Autocrypt extension [1] and Sequoia [2], that is native and AFAIK 
provides a way to talk to GnuPG agent (for keys stored on smartcards).

[1]: https://addons.thunderbird.net/en-US/thunderbird/addon/autocrypt/

[2]: https://sequoia-pgp.org/

> It’s a controversial question whether email software should automatically use opportunistic encryption, or whether the user should be required to actively opt in, prior to using end-to-end email encryption. 

The old OpenPGP e-mail header specified "preference" field [3].

[3]: https://datatracker.ietf.org/doc/html/draft-josefsson-openpgp-mailnews-header-07#section-3.3

> Furthermore, starting to use OpenPGP comes with some responsibility for the future. Once a user distributes their own key to others, they’ve opened Pandora’s box. Others might discover the keys later and send encrypted email at any time in the future.

This can be (somehow) mitigated by using "Let's Encrypt approach". If we 
assume a keyserver would be used then setting a short expiry on the user 
key and then extending it every couple of months automatically (with no 
user input) would provide a "dead man's switch" that'd render the key 
unusable if the user stops using Thunderbird.

> For the initial version of Thunderbird with OpenPGP support, Thunderbird 78, we’ll not yet enable OpenPGP encryption for emails automatically. Instead, we’ll require that users opt in, prior to using it. However, it should be easy to opt in, and we might implement a smart user interface, that allows the user to discover the availability of the OpenPGP messaging features, and offer interactive assistance that makes it easy to get started.

This could also be coupled with something like that "OpenPGP" header, 
for example replying to a contact that indicated that they prefer 
encrypted e-mail could trigger a bar similar to "forgotten attachment" 
asking the user to generate OpenPGP keys.

Thanks for the work in this area!

Kind regards,
Wiktor

-- 
https://metacode.biz/@wiktor
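As an added illustration of the two ideas above (the "preference" field of the draft-josefsson OpenPGP header, and using it to decide when to show a "generate keys?" bar), here is a small parser and decision helper. This is example code written for this page, not code from Thunderbird, Enigmail or the draft; the sample messages and the fingerprint in them are constructed, and `should_prompt_for_keygen` is a hypothetical name for the UI hook.

```python
import email
from email import policy

# Preference values defined by draft-josefsson-openpgp-mailnews-header, section 3.3.
KNOWN_PREFERENCES = {"sign", "encrypt", "signencrypt", "unprotected"}
ENCRYPTING_PREFERENCES = {"encrypt", "signencrypt"}


def parse_openpgp_header(value):
    """Split an 'OpenPGP:' header value into its parameters (id, url, preference).

    Parameters are ';'-separated 'name=value' pairs; names are case-insensitive.
    Only the first '=' splits a pair so that '=' inside a url value survives.
    """
    params = {}
    for part in str(value).split(";"):
        part = part.strip()
        if "=" not in part:
            continue  # ignore empty or malformed pieces
        name, _, val = part.partition("=")
        params[name.strip().lower()] = val.strip()
    return params


def contact_prefers_encryption(raw_message):
    """True if the sender's OpenPGP header asks for encrypted replies."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    header = msg.get("OpenPGP")
    if header is None:
        return False
    pref = parse_openpgp_header(header).get("preference", "").lower()
    # Unknown or absent preference: treat as "no stated wish" rather than guessing.
    return pref in KNOWN_PREFERENCES and pref in ENCRYPTING_PREFERENCES


def should_prompt_for_keygen(raw_message, user_has_key):
    """Show the key-generation bar only when the contact wants encryption
    and the local user has no key yet (hypothetical UI hook)."""
    return contact_prefers_encryption(raw_message) and not user_has_key


# Constructed sample messages (fingerprint below is a made-up placeholder).
SAMPLE_PREFERS = (
    b"From: alice@example.org\r\nTo: bob@example.org\r\nSubject: hi\r\n"
    b"OpenPGP: id=0123456789ABCDEF0123456789ABCDEF01234567;\r\n"
    b" preference=signencrypt\r\n\r\nHello Bob\r\n"
)
SAMPLE_UNPROTECTED = (
    b"From: carol@example.org\r\nTo: bob@example.org\r\nSubject: hi\r\n"
    b"OpenPGP: url=https://example.org/carol.asc; preference=unprotected\r\n"
    b"\r\nHello Bob\r\n"
)
SAMPLE_NO_HEADER = b"From: dave@example.org\r\nSubject: hi\r\n\r\nHello Bob\r\n"
```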


More information about the tb-planning mailing list