<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=windows-1252">
</head>
<body smarttemplateinserted="true" text="#000000" bgcolor="#FFFFFF">
<div id="smartTemplate4-template">All,<br>
<br>
just an observation, as an on-and-off user of Enigmail; this is
not so much about setup as about day-to-day use:<br>
<br>
1. passphrases are cumbersome things - it should be possible to
store this in the password manager<br>
2. master passwords are also cumbersome - I have one in Firefox
because of the plethora of important passwords I store there (I
trust my own PC); but I do not use one in Thunderbird. I
implicitly trust Tb as a desktop application and leave the security
to my Windows logon.<br>
<br>
It would be just fantastic if Tb could be configured to
transparently show encrypted mails without asking for the
passphrase (or use master password to fill it in). Otherwise this
will be experienced as "yet another extra step" between the user
and the email (and being asked for a passphrase every hour) - and
the good intentions of wanting to use encryption will soon be
overridden by the usability issues.<br>
<br>
I also think that master password handling could possibly be
improved; I have an addon "QuickPasswords" which is a
context-sensitive one-click solution to resolve missing passwords,
but it always uses the built-in "Password List" which can be
viewed as "intrusive" to the workflow - it works for Firefox as I
have 100s of logins, but in mail there should be only a few. A
"security area" on the toolbar that makes it possible to
lock/unlock might be a nicer concept, if you like I can come up
with some UI ideas on this.<br>
<br>
The other thing that makes the concept of encryption hard to use
is the fact that (at the moment) unencrypted and encrypted mails
seem to be entirely disconnected things; how can they be presented
in a "friendlier" way? E.g. display of public keys in form of a
"calling card" instead of a massive blob of random text - just
make it less frightening to the average user and "hide all the
wires". <br>
<br>
I think it is really important to make the day to day use of
encryption on the desktop as effortless as possible, otherwise it
just won't be widely accepted.<br>
<br>
regards<br>
Axel<br>
<br>
</div>
<br>
<div class="moz-signature">-- <br>
<style type="text/css">
.myName:hover, .myName a:hover { font-size:13pt; text-shadow: 3px 3px 4px rgba(200,250,200,0.7);}
.moz-signature {opacity: 1.0 !important;}
.myName a { cursor: pointer !important; transition:font-size 0.5s;}
</style>
<div id="mySignature" style="width: 65%; padding: 0.8em 1.2em;
font:x-small verdana; color: #444; box-shadow: 4px 4px 9px -2px
rgba(0,0,0,0.65); border-radius: 1em; padding: 0.4em 2em;
border: 1px dashed #444; background: rgb(230,240,163);
background: linear-gradient(to bottom, rgba(230,240,163,1)
0%,rgba(210,230,56,1) 50%,rgba(195,216,37,1)
51%,rgba(219,240,67,1) 100%);">
<b class="myName" style="text-shadow: 1px 1px 2px #DDD;
transition:font-size 0.5s;"><a
href="mailto:axel.grude@gmail.com">Axel</a></b>
<br>
Software Developer
<br>
Thunderbird Add-ons Developer
<span style="color:#666666; font-size:xx-small">(QuickFolders,
quickFilters, QuickPasswords, Zombie Keys, SmartTemplate4)</span>
<br>
AMO Editor <img style="margin-bottom: 5px; float: right;
box-shadow: 1px 1px 2px rgba(20, 20, 20, 0.4);"
moz-do-not-send="false"
src="cid:part2.05040105.00070300@gmail.com" alt="Get
Thunderbird!" height="15" width="94">
</div>
</div>
<div id="smartTemplate4-quoteHeader">
<style type="text/css">
#newHeader b { font-weight:bold; color: #990033; }
</style><br>
<div id="newHeader" style="font-size: x-small; padding:1em;
background-color:rgba(220,220,240,0.4); border-radius:3px;"> <b>To:</b>
Dave Jarvis, Paul.syverson, <a class="moz-txt-link-abbreviated" href="mailto:Tb-planning@mozilla.org">Tb-planning@mozilla.org</a> - <a>dave.jarvis@gmail.com</a>,
<a>Paul.Syverson@nrl.navy.mil</a>, <a>tb-planning@mozilla.org</a>
<br>
<b>From: </b>Jb Piacentino <a class="moz-txt-link-rfc2396E" href="mailto:jb@mozilla.com"><jb@mozilla.com></a><br>
<b>Sent: </b>Tuesday, 02/09/2014 14:28:24 14:28 GMT ST +0100
[Week 36]<br>
<b>Subject:</b> Re: 90 Barriers to Encrypted Email
</div>
<hr></div>
<blockquote class=" cite" id="mid_5405C5F8_6090404_mozilla_com"
cite="mid:5405C5F8.6090404@mozilla.com" type="cite">Hi Dave,
<br>
<br>
Thank you for your note and thoughts. I am cc'ing the Thunderbird
community mailing list for possible follow-up.
<br>
<br>
Jb
<br>
On 01/09/2014 01:59, Dave Jarvis wrote:
<br>
<blockquote class=" cite" id="Cite_9933400" type="cite">Hi,
<br>
<br>
Some of my friends' comments when asked if they'd use encrypted email:
<br>
<br>
"I would if there were a significant benefit. The biggest problem is that of critical mass: why bother setting up encrypted email if nobody else encrypts their email (or even knows how to decrypt it)?"
<br>
<br>
"Some of my friends suggested that the disadvantages outweighed the advantages. But I'd definitely support efforts to make encryption in email standard or merely more common. The challenge as usual is backwards compatibility in dealing with a mix of people who do and don't use encryption--especially with the danger of known plaintext attacks if someone frequently messes up and replies to an encrypted email in plaintext with the whole decrypted message quoted in plaintext."
<br>
<br>
"I would with friends who also did."
<br>
<br>
Thinking I could convince more of my friends to use encrypted email, I documented the steps to send an encrypted email, from start to finish:
<br>
<br>
<a class="moz-txt-link-freetext" href="http://davidjarvis.ca/encryption/">http://davidjarvis.ca/encryption/</a>
<br>
<br>
The steps tally around 90 (many installation wizard steps were omitted). Each step is a barrier to success. The remainder of this email outlines a possible flow that would greatly simplify exchanging encrypted emails for first-time users.
<br>
<br>
THUNDERBIRD w/ENCRYPTION INSTALLATION
<br>
<br>
If Mozilla or Enigmail is unable/unwilling to provide this, then perhaps it is something the Tor folks could tackle?
<br>
<br>
1. Download Thunderbird.
<br>
2. Click the Thunderbird Setup executable.
<br>
3. Click Run.
<br>
4. *NEW* "Enable confidential emails" is checked by default.
<br>
5. *NEW* "Run Thunderbird after installing" is checked by default.
<br>
6. *NEW* "I have an existing email address" is checked by default.
<br>
7. *NEW* Click "Install" (note: not "Next, Next, Next, Next, Next, Next, ad nauseam, Install, Finish").
<br>
<br>
At this point, the following events happen without user intervention:
<br>
<br>
- The software installs Thunderbird, GPG (bundled), and Enigmail.
<br>
- The installer exits.
<br>
- Thunderbird starts.
<br>
<br>
THUNDERBIRD CONFIGURATION
<br>
<br>
Since "I have an email address" was checked:
<br>
<br>
1. Type in Name.
<br>
2. Type in Email address.
<br>
3. Type in password.
<br>
4. Click Continue.
<br>
<br>
At this point, for known mail servers (such as GMail, Hotmail, Yahoo Mail, etc.), the default IMAP and POP3 settings are tested and accepted automatically. (This could even be attempted for unknown MX servers.) The user needn't confirm the settings unless something went awry.
<br>
<br>
*NEW* Thunderbird automatically:
<br>
<br>
- Downloads Inbox contents.
<br>
- Imports email address contacts (this is needed later).
<br>
<br>
ENIGMAIL CONFIGURATION
<br>
<br>
Since "Enable confidential emails" was checked, the Enigmail wizard appears.
<br>
<br>
1. *NEW* "I need a secret key" is checked by default.
<br>
2. User is prompted to write down a secret Passphrase on a piece of paper (16+ characters, numbers, symbols).
<br>
3. Type in the Passphrase.
<br>
4. Type in confirmation Passphrase.
<br>
5. Click Continue.
<br>
<br>
At this point, the system:
<br>
<br>
- Notifies user to wait several minutes, and not to exit the application. (Does not state anything about a randomness pool: people don't care.)
<br>
- *NEW* Moves the progress towards completion (never remains fixed for more than a tenth of a second, no matter what).
<br>
- *NEW* Automatically replenishes the pool using intermittent I/O, and random network pings (e.g., to random.org, google.com, their MX server, and a few others). No need to ask the user to do this...
<br>
- *NEW* Certificate is automatically generated and saved to the Desktop.
<br>
<br>
PUBLIC KEYS
<br>
<br>
*NEW* The Enigmail wizard continues:
<br>
<br>
1. *NEW* "Upload public key" is checked.
<br>
2. *NEW* The Keyserver "pgp.mit.edu" is selected.
<br>
3. Click Finish.
<br>
<br>
*NEW* In the background, Enigmail searches and downloads all public keys in the user's contact list using the collected email addresses.
<br>
<br>
Alternatively, Enigmail does this one at a time when sending emails, if the public key was not already retrieved (to prevent swamping the Keyservers).
<br>
<br>
This means that all public keys should be listed in the Enigmail Key Management tool. Currently, if I sent a message to a friend, then looked at the managed keys, the key is not listed. There is no (obvious) way to verify that their public key was used to encrypt the message. If the key was automatically downloaded, used for encryption, and added to the managed keys, then I could confirm that the key was used (or at least downloaded).
<br>
<br>
SENDING EMAIL
<br>
<br>
When I send an email that can be encrypted with the recipient's public key, a little lock icon should appear next to their email address. Hovering over the lock icon should reveal a tooltip. The tooltip should let me know that their public key is being used to encrypt the message.
<br>
<br>
In this fashion, I can write a message to several people and know who will receive an encrypted copy and who will not (e.g., Jb Piacentino and Paul Syverson). It also lets me verify what public key is being used.
<br>
<br>
Lastly, it would relieve the necessity of prompting to confirm public keys being matched to the number of recipients.
<br>
<br>
FINAL NOTES
<br>
<br>
This reduces the number of steps from ~90 to ~13 for first time users, thereby nearly passing the "grandmother test". Users can configure Thunderbird and Enigmail afterwards should default settings be insufficient.
<br>
<br>
IMHO, email encryption remains well beyond average user capability. Significantly reducing the number of steps by bundling the major software components should greatly increase (mainstream) adoption.
<br>
<br>
Dave
<br>
<br>
CC: GPG and Tor developer leads.
<br>
<br>
</blockquote>
<br>
_______________________________________________
<br>
tb-planning mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:tb-planning@mozilla.org">tb-planning@mozilla.org</a>
<br>
<a class="moz-txt-link-freetext" href="https://mail.mozilla.org/listinfo/tb-planning">https://mail.mozilla.org/listinfo/tb-planning</a>
<br>
<br>
</blockquote>
<br>
<br>
</body>
</html>