Thunderbird 78.x and enabling OpenPGP by default
ben.bucksch at beonex.com
Tue Jun 9 22:25:32 UTC 2020
On 03.06.20 11:04, Kai Engert wrote:
> On 29.05.20 12:33, TT Mooney wrote:
>> What about the use case of people saving GPG encrypted attachments
>> (or email archives) out of Thunderbird? They won’t be able to decrypt
>> them externally, I take it.
> You will have the ability to import your existing secret key into
> Thunderbird (export from GnuPG with --armor).
> And also, if a user has initially created the secret key inside
> Thunderbird, you will have the ability to backup/export your secret
> key, and import it into GnuPG.
> Would that work for your scenario?
While a commandline would work for me, I don't think it would work for
the majority of users. Most users never use the commandline. Any
features available there simply don't exist for them. This applies to
many of the Enigmail users. There are journalists, Amnesty
International, and many others who need encryption, but are not deep
I think an import/export feature would be important. It doesn't have to
be complicated technically. You could just invoke gpg on the
commandline, run the export --armor command that you think the user
should do, catch the output on stdout, and process it to import the keys
into our / OpenPGP key store. And probably vise versa.
That would allow users to have a seamless and interruption free mail
experience would be important. If not, the user might find herself in a
situation where she cannot decrypt her own mail. Either because she uses
K9 Mail on Android, or because she wants to decrypt old mail. Also, you
are surely aware that the PGP world is particularly dependent on key
continuity, and creating new keys for our users is about the worst thing
we can do for the PGP ecosystem. So, key import and export are crucially
important for the health of the system, from day 1. Once the user has 2
separate keys, the mess is there, and it's difficult to undo. Alice has
to eternally deal with 2 decryption keys, and the trust is shaken.
I think a GPG import/export feature is actually more important than a
key management UI for OpenPGP. As long as you can only import the GPG
keys and decrypt/verify and encrypt/sign mail this way, the user can
already be productive, and mail exchange is not disturbed. If you create
new keys, mail exchange is disturbed massively, and the user might still
get mail that she cannot decrypt.
Instead of asking the user to make some simply commandline commands, I
think it's a good time investment to implement that in software.
Enigmail already has the path to the gpg executable, so you just need to
invoke a shell command from JS and redirect stdout.
More information about the tb-planning