ww 🩶
protonmail can exchange pgp-encrypted messages with non-proton addresses, but:
1. it can't fetch their keys from a keyserver. either the external sender has to attach their key, and the proton user has to trust it, or the proton user has to edit the contact card and manually upload the public key.
2. if you encrypt the topic of an email sent to a proton user, they'll be able to view it, but their reply will include the topic unencrypted

of which #2 is usually a minor issue, but it's just funny how spectacularly bad #pgp is
Mar 14 at 9:09amWeb
Show threadww 🩶Mar 14
oh, and manually uploading a contact's public key requires you to click the gear icon in their card, then click advanced settings, then click upload. i don't think proton wants you actually doing this.
Show threadww 🩶Mar 14
and if you receive a message from a non-contact without their public key attached, proton will tell you that it's pgp-encrypted and signed, without explaining what kinda key it is signed with? and when replying, it doesn't provide any suggestions as to how you could encrypt the reply.
Show threadww 🩶Mar 14
and yes it'll quote the message in the plaintext reply by default lmao
Show threadww 🩶Mar 14
"Setting up PGP encryption is not simple and not for the faint of heart."
— Proton Mail (yes that's an actual quote)
Show threadCat PoníčkováMar 14
@ww for some weird reason i watched almost 2 hour long interview with the fastmail cto yesterday and he was like, our main advantage is jmap, if you want actual e2ee, get signal
Show threadww 🩶Mar 14
@poni that is a weird thing to do

but yeah, these days it's like, a pretty uncontroversial opinion that pgp is the worst encryption you can possibly have and you shouldn't use it. aside from a few people who really really like pgp for some inexplicable reason.