Date: Thu, 19 Nov 2020 18:15:48 +0100 From: Daniel Ebdrup Jensen <debdrup@FreeBSD.org> To: freebsd-hackers@freebsd.org Subject: Re: How is Thunderbird signing my emails? Message-ID: <20201119171548.anb34fpeuij3liyr@nerd-thinkpad.local> In-Reply-To: <7CB521CC-8B8D-4E06-BBE0-23FD58A2F79F@freebsd.am> References: <3e4179d0-f6c4-66a5-9628-b2ee95071858@FreeBSD.org> <7CB521CC-8B8D-4E06-BBE0-23FD58A2F79F@freebsd.am>
next in thread | previous in thread | raw e-mail | index | archive | help
--lutftm3h3tq73gxs Content-Type: text/plain; charset=utf-8; format=flowed Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Nov 19, 2020 at 04:05:40PM +0400, Antranig Vartanian wrote: >I=E2=80=99m wondering if there are any alternative clients that Just Works= and uses GnuPG keyring? > >Thanks in advance. > >Sent from my iPhone > >> On 19 Nov 2020, at 3:02 PM, Lev Serebryakov <lev@freebsd.org> wrote: >> >> =EF=BB=BFOn 19.11.2020 5:52, George Mitchell wrote: >> >>> The Thunderbird people have integrated the functionality of Enigmail >>> into Thunderbird itself. In the abstract, this sounds like a great >>> idea, because I believe that the more people use PGP signatures and >>> encryption, the better. But the concrete reality of the implementation >>> puzzles me in a couple of respects: >> Concrete reality of the implementation is awful. It is not replacement f= or Enigmail :-( >> >>> a. It's now inclined to attach my public key to every message I send, >>> unless I tell it it not to do that on a message-by-message basis (under >>> the "Security" menu in the message composition dialog). I can't find >>> where I can globally disable this. >> See https://bugzilla.mozilla.org/show_bug.cgi?id=3D1654950 - new release= s will have hidden setting for it. >> >>> b. More alarmingly, when it appends my PGP signature to my outgoing >>> messages, it is able to unlock my private key without asking for the >>> passphrase. How is it doing this?? >> New Thunderbird doesn't use GPG keyring, it imports all keys into its ow= n database (also it doesn't use Web Of Trust!). Private keys are protected = only by global profile password (did you have this one set? I'm in doubt, i= t is rarely-used feature). So, if you account is without global password, = you imported private keys are not protected at all. Good luck with that :-( >> >> -- >> // Lev Serebryakov >> _______________________________________________ >> freebsd-hackers@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers >> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.or= g" >_______________________________________________ >freebsd-hackers@freebsd.org mailing list >https://lists.freebsd.org/mailman/listinfo/freebsd-hackers >To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" Hi folks, NeoMutt and GnuPG works well together, and NeoMutt can even render html ema= il by=20 using w3m as a pager for the by setting 'auto_view text/html' and putting t= he=20 following into ~/.mailcap: text/html; w3m -T text/html %s; nametemplate=3D%s.html; copiousoutput I've been using it on my FreeBSD laptop for both mailing lists, FreeBSD=20 development, and as a daily driver. Also, please think of this as a little reminder not to top-post on mailing= =20 lists. :) Yours respectfully, Daniel Ebdrup Jensen --lutftm3h3tq73gxs Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGTBAABCgB9FiEEDonNJPbg/JLIMoS6Ps5hSHzN87oFAl+2qENfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDBF ODlDRDI0RjZFMEZDOTJDODMyODRCQTNFQ0U2MTQ4N0NDREYzQkEACgkQPs5hSHzN 87qnPggAo6PzXLT+8PEFEQyUgltqQCN1/CLAcsRsgcvo9kWwTLprvQN1DqTsX37r Pr8K8KXjUyD6jk0SFd5FSPV/xPh33dGjiPDS/OCh368UIES1kacFrY3ZScX9hTkS kNqpyLIuF1j5JxazxvMeVCkHw2pT78mfcDO3OJ5h3d+o37R4yeuY0MeBYwrB1Oi9 7iZ5Xp8R8iHEZVH9A+09l1TnY6t0H5DCyq4KellX93BcC8EYh32ROJu2IZjC/twh J53haiibWRSAkLYt6g9e1WdAOt1o+/GnjEevj6AQNGdVmy+JXdJ/TTE9ofha8au0 zp0rC0O0EBbx9jjhcMT+qzlPMgy/rA== =IXf8 -----END PGP SIGNATURE----- --lutftm3h3tq73gxs--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20201119171548.anb34fpeuij3liyr>