OpenPGP integration, status as of May 2020
kaie at kuix.de
Wed May 20 09:41:28 UTC 2020
here is an update on the development of the integrated OpenPGP support.
The base functionality is available in 77 Beta 3, but we rate it as
experimental, there are still many details that need improvement.
Nevertheless, the functionality in Beta 3 should be sufficient for
About the base functionality:
You may import your existing personal key, or create a new one (no
In the email account settings, you have to configure your personal key
to actively use OpenPGP.
Received emails will get decrypted and shown with its signature status,
and further details are available by clicking the status icons.
Relevant for the status is the "acceptance" that has been chosen for the
correspondent's public key (or hasn't yet been chosen).
The acceptance decision can be made at the time a public key is
imported, or at any time in the future using the OpenPGP Key Manager
(can be found in the top level Tools menu).
After changing the accepance for a key, to see the updated status for an
email, it's currently necessary to temporarily switch to another email
and then back, to force the update of the shown status for an email.
To send an encrypted email, it's necessary to manually enable it for an
email. If the user has configured both a personal S/MIME certificate and
a personal OpenPGP key, the options inside the composer allow you to
select the technology that should be used for the current email.
If encryption is enabled for an email, you cannot send the message
unless encryption is possible. This means, accepted keys for all
recipients must be available.
If sending isn't possible, an explanation is shown, and then a dialog
opens that helps you to resolve the situation. It will explain the key
status for each recipient, and allows the user to resolve the situation.
A current overview of the Done and TODO items can be found here:
Helpful links are here:
As you know, the Thunderbird release schedule is not flexible, but it's
aligned to the schedule of the base Mozilla Firefox ESR platform - to
ensure that Thunderbird will get security udpates for the base platform.
In my understanding, we currently intend to release Thunderbird 78 in
July as planned, regardless of the status of the OpenPGP implementation.
We'll try to continue to extend the functionality during May and June.
Although usually there's only one feature update per year, I'm hoping
that we might be able to include further improvements in the 78.x
releases in the months that follow the original 78.0 release.
More information about the tb-planning