When @Thunderbird: Free Your Inbox decided to drop Enigmail, I was not happy. The idea that I would have to import all my keys into Thunderbird (which runs on several machines), including my private keys, felt like a kick in the .... well, you know.

But I found a way to make Thunderbird use GnuPG after all. No private keys in Thunderbird anymore. If I sign or decrypt anything, my GPG-agent will kindly ask for the key. Unless of course it's already there because I signed some git commits earlier 😎

I wrote this about it:
https://codeberg.org/woefdram/Documentation/src/branch/main/thunderbird_gnupg.md

#PGP #Thunderbird #Enigmail #privacy

@thunderbird should at least open a path to allow us to replace their OpenPGP implementation, RNP, with other implementations, like @sequoiapgp's Octopus.

Integrating #Enigmail was not seamless. Functionality was lost, including #GnuPG's keyring and trust model. (e.g.: https://bugzilla.mozilla.org/show_bug.cgi?id=1732074)

They may have their rationale on which they made these decisions, but the negative effect on the usability of Thunderbird+PGP for those who have had them for many years is real.

1732074 - Allow the use of user's PGP keyring

RESOLVED (nobody) in MailNews Core - Security: OpenPGP. Last updated 2025-01-18.

@alrs @aria The #PGP private key is encrypted with your (hashed) password: https://proton.me/support/how-is-the-private-key-stored before being uploaded to Proton's server. This is how you bootstrap on a new machine!

You can export (https://proton.me/support/download-public-private-key) or import (https://proton.me/support/importing-openpgp-private-key) the keypair as you like.

#Proton is "just" doing what people have been doing for decades with things like #Enigmail. I used #Gnus for #Emacs some 20 years ago for the same thing 😄 The achievement of Proton is to make this seem easy!

How is the private key stored? | Proton

Proton Mail private key is stored encrypted on your browser using your mailbox password. Learn more about your private key.

I just wanted (after years) to set up #PGP encryption for my mail again. By now #Thunderbird has #GNUPG and it all looks great, but what confuses me as an old #Enigmail user is the thing with the (missing) passphrase. As I understand it, it is replaced (for all mail accounts!?) by the Thunderbird master password. So far, so meh... But I would also like to keep fetching my mail on my phone (#K9). There is an add-on for that, I have seen that much, but is the master password then my passphrase there as well? Thanks in advance for any tips...

A listener just made me aware that #Enigmail no longer supports #Thunderbird, even though it was developed for it. Does anyone know more about this? https://enigmail.net/index.php/en/
Enigmail - A simple interface for OpenPGP email security

@sardon not that we know of. As far as we know, Thunderbird's current extension model does not allow even an #autocrypt compliant plugin, let alone all the rest that delta offers. #enigmail used to offer full autocrypt support, but when Thunderbird changed the plugin model and integrated OpenPGP into Thunderbird they went back to the old idea of "users have to consciously manage their encryption keys" ... An unfortunate old tradition. We aim for modern usable security like Signal delivers.

Did you know that #Thunderbird, after having integrated #OpenPGP functionality into the core, thus obsoleting #Enigmail, now imports your user's #PGP keyring into its own store, effectively forking it, leaving you with two separate keyrings to manage!

The developers say they won't change that:
https://bugzilla.mozilla.org/show_bug.cgi?id=1732074


Oh my god why didn't #Enigmail encrypt my #email? It literally indicated it will sign and encrypt it and I've imported my recipient's public key!

Sometimes I think M$ pays #foss projects not to implement important features. Example: #thunderbird and #pgp. Since #enigmail stopped working, you have to edit a JSON file with a text editor to tell the damn program which keys belong to which mail address. Without this fiddling you can neither run mailing lists with multiple keys nor write to people who use keys that do not contain the address.

#e2ee is a goal, not a promise. As far back as I can remember, forums like those supporting #Enigmail and #gpg were staffed with volunteers from the privacy community who repeatedly insisted on answering questions like, "Is <this> (whatever this might be) totally secure?" with stock questions like, "What is it that you consider 'totally secure'?" or answers such as, "Secure is a relative term, nothing is completely secure, how secure do you need your mission's communications to be?"

Phrases such as "reasonably secure" should be indicators of how ridiculous it is to assume that any secure platform is EVER completely and totally secure.

That begs the question, "Exactly how secure do you require your communications to be?" The answer is always, ... relative.

Which means that you should always believe Ellen Ripley when she says, "Be afraid. Be very afraid!"

https://www.city-journal.org/article/signals-katherine-maher-problem

#tallship #encryption #PGP #secure_communication #Privacy #FOSS

Signal’s Katherine Maher Problem

Is the integrity of the encrypted-messaging application compromised by its chairman of the board?
