@saroumane
- 5 Followers
- 22 Following
- 46 Posts
Paris
saroumane@sir Nevertheless, I found a big one on my own :)
https://mastodon.social/@saroumane/104133850687114651
https://mastodon.social/@saroumane/104133850687114651
@amolith I totally agree with you. I'm expecting a decent email provider not to enforce the upload of a private key. So in this case my setup would have been Thunderbird + Enigmail => Proton Imap Bridge => Proton server.
Of couse Protonmail let you upload private key if you want to only use their Webmail, but I see they explicitely block already encrypted emails on their IMAP Bridge : https://www.reddit.com/r/ProtonMail/comments/flmiw2/using_my_own_pgp_keys_with_bridge_imap/
Very suspicious ! For now I will stay aside and see how the situation is evolving.
Of couse Protonmail let you upload private key if you want to only use their Webmail, but I see they explicitely block already encrypted emails on their IMAP Bridge : https://www.reddit.com/r/ProtonMail/comments/flmiw2/using_my_own_pgp_keys_with_bridge_imap/
Very suspicious ! For now I will stay aside and see how the situation is evolving.
@sir Of course I do. Remember, I told you caught my attention with very valid reasons about not trusting Signal. So I'm expecting the same about Protonmail.
@sir Ok. Any other caveats ?
@sir They claim Open PGP support since 2018 ( https://protonmail.com/blog/address-verification-pgp-support/ ). So I'm not sure about what you mean. Maybe the lack of standard IMAP ? They want users to install a "Proton Bridge" between IMAP client and their server, but this app is also opensource. Yet I'm looking for complaints about it.
@sir I think you missed the "at rest" part in "zero access encryption at rest". Of course they can make a copy of every email coming in their server. But that's a different problem. A kind of "No logging policy" vs "Storage policy".
@sir "Protonmail lies about the capabilities of its encryption" Any pointers about that ?
@sir Hello, I've been using Runbox, with my own domain for a few years, and I'm now considering Protonmail. 2 avantages of the latter : "zero access encryption at rest" and it's located in Switzerland (so out of 5 / 9 / 14 Eyes, contrary to Runbox's Norway). Meanwwhile, I just discovered you thanks to your post about Signal (in which you make very valid points !), so I'm very eager to understand why Protonmail should be avoided.
@Gargron 10 000 000 $ Double Damage Rune !