Do you have questions or concerns about email encryption?
Please put them here.⬇️
@email@example.com why hasn't there been a standardized, fully secure method of end to end encryption like OMEMO or Matrix?
If by "multi e2ee" you mean multi-device capable, you are wrong. OpenPGP can be used on multiple devices at the same time, either by using different keys, or a shared primary key with per-device subkeys, or simply by sharing the same key across multiple devices.
When will Thunderbird be able again to send PGP/MIME emails? It is able to receive and show them, but not to send them. Especially if attachments are involved many receipients are not able to handle the current format.
With former enigmail the format could be choosen.
And please, don't change the current behaviar in K9mail with OpenKeyChain, because that is my current way to reach others that only support PGP/MIME.
Well that is the normal behavior. The keys remains always in OpenKeyChain. To link it to your account in K9, you choose account settings (or however it is called in your language version) for this account, end-to-end encryption, set the switch to activate OpenPGP support for this account and then select the key you want to use with this account.
@WhyNot @reclus @thunderbird Yeah, I tried that, but it won't let me add the key I made in Thunderbird. My experience has been that it only likes keys made in K-9, or made with the provider's front-end. The reverse is also true; if I make a key for the account in K-9, it will accept it. But then Thunderbird won't.
@thunderbird How do we make encryption easier to use when the bulk of the providers have a financial interest not to have encryption (Google, Hotmail, other places that scan emails for data)?"
Also, is there a way of using SSH keys instead of SSL much like AGE encrypts things? Or Gemini's TOFU (trust on first use)?
It seems that there is a problem with signature checking. Thunderbird shows an invalid signature when I'm sending an email to myself (signed with my key).
K9 & OpenKeyChain shows a correct signature for the same email.
After recurrent checks sometimes the signature is shown as correct in Thunderbird (even for those mails that were shown as invallid before), sometimes not. (non-deterministic?)
(Checked with the same identity & key and with different identities & keys.)
@thunderbird no for me (because I already use it for years) but a lot of people ask me "how to decrypt emails via gpg when I receive an email in Gmail from someone who sent it via thunderbird with gpg?"
The only answer I give is to use mailvelop...
@thunderbird Thanks that it's possible to ask questions. Is it possible to store PGP encrypted emails like usual emails in Thunderbird? I mean storing them unencrypted like any other email. I had the experience that I couldn't access received encrypted emails after a while, because I/Thunderbird didn't have the key anymore
@Yung_Lyun We definitely need documentation.
@KillYourFM is meeting with Thunderbird's resident encryption expert Kaie later today. The goal is to have a transfer of knowledge, then explain the basics (and their importance) to our community.
@thunderbird Can I request that unlocking the gpg/pgp key not be done at start-up and left unlocked/passkey accessible? Maybe I'm weird but I actively dislike that being in the master key store and unlocked the entire time the keyring is open. I'd much prefer the model similar to the way it was done with enigmail where the gpg/pgp key was VERY explicitly unlocked to use vs. having the password in the master store and effectively always available
I use Thunderbird on my laptop (for travel and off-site) & IMAP all accounts.
I use K-9 on mobile (GrapheneOS) with IMAP for all accounts.
I also use Delta Chat on desktop & mobile as a Signal replacement.
It would be nice if there was some integration between the Delta Chat 'concept' and the Thunderbird products.
@thunderbird Why cant I anymore have encryption enabled by default for email addresses I have a key for.
That no people that I email will have the technical ability to read the encrypted email I send them.
A newer server operated by the Mastodon gGmbH non-profit