<div dir="ltr"><div class="gmail_default" style="font-size:small">The big problem with using E2E encryption has always been managing the private keys. </div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">Thunderbird already has S/MIME support. Almost nobody uses it because it is a 20 minute process for ME to install a cert. So heaven help a naive user.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">If someone could give me a command line tool script that would install an S/MIME certificate into the Thunderbird store and configure it to use it, I can provide a tool that will do all the cert management for the user so the user has encryption available without having to think.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">My tool is designed to manage keys for any cryptographic application. Right now I am focused on SSH, S/MIME and Web browsing. </div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">I will be looking at PGP but that is a little more complex for TBird because the base client does not have PGP and so the question is which plug in to support.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small"><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Feb 23, 2018 at 12:50 PM, Philipp Kewisch <span dir="ltr"><<a href="mailto:kewisch@thunderbird.net" target="_blank">kewisch@thunderbird.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto"><div></div><div>Hi all,</div><div><br></div><div>I personally agree that integrating email encryption is a goal we should have. There have been discussions around this in the past, and afair there have been no objections in general.</div><div><br></div><div>As for timing, we need to keep a balance between feature development, removing technical debt, and fixing bustages. Given our current developer capacities, we are currently leaning towards the latter. Luckily, we will have more capacity soon. </div><div><br></div><div>Therefore, as much as I would like to, I don’t think we will be able to ship integrated end to end encryption by the next esr, which will be in beta very soon. Note though this does not mean it is impossible.</div><div><br></div><div>We will definitely keep in touch with the pEp folks once they have released their initial version, and also with Patrick from Enigmail to determine the requirements for integrating the add-on.</div><div><br></div><div>Philipp </div><span class=""><div><br>On 23. Feb 2018, at 6:05 PM, Axel Grude <<a href="mailto:axel.grude@gmail.com" target="_blank">axel.grude@gmail.com</a>> wrote:<br><br></div></span><blockquote type="cite"><div>
<div id="m_4810708391322669206smartTemplate4-template"><span class="">
<p><i><br>
</i></p>
<p>Once thing I would wish for Thunderbird is to supply a strong
solution for providing end to end encryption<i> from
installation</i>. This should ideally land before it is being
made illegal by various Western governments:<i><br>
</i></p>
<p><i><a class="m_4810708391322669206moz-txt-link-freetext" href="https://www.sbs.com.au/news/incoming-laws-to-tackle-terror-encryption" target="_blank">https://www.sbs.com.au/news/<wbr>incoming-laws-to-tackle-<wbr>terror-encryption</a><br>
</i></p>
<p>
</p><blockquote type="cite">
<p>But he argued law enforcement access to encrypted
communications should be on the same basis as telephone and
other intercepts, in response to warrants issued by the
court.</p>
<p>"Companies ought to be concerned with the reputational harm
that comes from terrorists and criminals using their
encryption and social media platforms for illicit ends," he
said.</p>
<p>"As a society we <b>should hold these companies
responsible</b> when their service is used to plan or
facilitate unlawful activity."</p>
</blockquote>
whether this "shoot the messenger" principle is actually
compatible with Western constitutions is another discussion.
However I would like to remind everyone of the history of
"Pretty Good Privacy" which was attempted to be declared a
weapon (and as such restricted for import from the US) and the
answer of the tech world was to release it into the public
domain. I think Thunderbird has a moral duty to help providing
privacy to Citizens of free democratic states. Email should not
be assumed a "free to read for all" just because it is
transported via a public network.<p></p>
<p>On a technical dimension Thunderbird should think of offering
encryption Addons as premium or free services during
installation <i>for the next ESR release</i>. Which means
either bundling enigmail or a pEp as an installation step. I
think (paid) development on this should be prioritized, right
now.<br>
</p>
<p>Thoughts?</p>
<p>Axel<br>
</p>
</span><div id="m_4810708391322669206mySignature"><span class=""> <b class="m_4810708391322669206myName"><a href="mailto:axel.grude@gmail.com" target="_blank">Axel Grude</a></b> <br>
Music Production and Composition <br>
Thunderbird Add-ons Developer <span class="m_4810708391322669206AddonList">(<a href="https://addons.mozilla.org/thunderbird/addon/quickfolders-tabbed-folders/" target="_blank">QuickFolders</a>,
<a href="https://addons.mozilla.org/thunderbird/addon/quickfilters/" target="_blank">quickFilters</a>,
<a href="https://addons.mozilla.org/firefox/addon/quickpasswords/" target="_blank">QuickPasswords</a>,
<a href="https://addons.mozilla.org/thunderbird/addon/zombie-keys/" target="_blank">Zombie
Keys</a>, <a href="https://addons.mozilla.org/thunderbird/addon/smarttemplate4/" target="_blank">SmartTemplate4</a>)</span>
<br></span>
Visit my <a href="https://www.youtube.com/c/thunderbirddaily" target="_blank">YouTube
Channel</a> for email productivity tips <thunderbird_blog2.png>
</div>
<br>
</div>
</div></blockquote><blockquote type="cite"><div><span>______________________________<wbr>_________________</span><br><span>tb-planning mailing list</span><br><span><a href="mailto:tb-planning@mozilla.org" target="_blank">tb-planning@mozilla.org</a></span><br><span><a href="https://mail.mozilla.org/listinfo/tb-planning" target="_blank">https://mail.mozilla.org/<wbr>listinfo/tb-planning</a></span><br></div></blockquote></div><br>______________________________<wbr>_________________<br>
tb-planning mailing list<br>
<a href="mailto:tb-planning@mozilla.org">tb-planning@mozilla.org</a><br>
<a href="https://mail.mozilla.org/listinfo/tb-planning" rel="noreferrer" target="_blank">https://mail.mozilla.org/<wbr>listinfo/tb-planning</a><br>
<br></blockquote></div><br></div>