搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

Integrated OpenPGP in TB 78.2+ much less functionality than Enigmail?

  • 1 回覆
  • 1 有這個問題
  • 2 次檢視
  • 最近回覆由 christ1

more options

Where can I find a roadmap for OpenPGP integration?

I've been using Enigmail for years, and find the current OpenPGP integration lacks significant features that made Enigmail useful.

  • Unable to prompt for passphrase at each use. This is a major security issue if anyone gains access to your system with TB already running. It is unacceptable that your PGP keychain is wide open as long as TB is running.
  • Internal keyring. I used to be able to share a single keyring between Windows, Cygwin and TB. Now that TB has moved to keeping its own keyring I have to worry about moving keys back and forth as needed.
  • Fails to validate alternate identities. A keypair can have multiple associated email addresses. If you receive a signed/encrypted message "From" an alternate identity, TB fails to see the signature as valid.

Are there any plans to mitigate these problems?

Where can I find a roadmap for OpenPGP integration? I've been using Enigmail for years, and find the current OpenPGP integration lacks significant features that made Enigmail useful. * Unable to prompt for passphrase at each use. This is a major security issue if anyone gains access to your system with TB already running. It is unacceptable that your PGP keychain is wide open as long as TB is running. * Internal keyring. I used to be able to share a single keyring between Windows, Cygwin and TB. Now that TB has moved to keeping its own keyring I have to worry about moving keys back and forth as needed. * Fails to validate alternate identities. A keypair can have multiple associated email addresses. If you receive a signed/encrypted message "From" an alternate identity, TB fails to see the signature as valid. Are there any plans to mitigate these problems?

所有回覆 (1)

more options
I've been using Enigmail for years, and find the current OpenPGP integration lacks significant features that made Enigmail useful.

That is correct. In terms of features, the current Thunderbird OpenPGP implementation isn't on par with Enigmail (yet). That will improve over time.

Unable to prompt for passphrase at each use.

That feature has already been requested. When this will be implemented, I don't know. See https://bugzilla.mozilla.org/show_bug.cgi?id=1679455

Internal keyring. I used to be able to share a single keyring between Windows, Cygwin and TB.

Thunderbird uses it's own model for deciding which key may be used for encryption, the user interface is adjusted to that model - which is different from how GnuPG makes decisions about trusting public keys. Encryption will never use the external gnupg setup. You can use the external gnupg keyring for signing and decrypting though. See https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards

Fails to validate alternate identities.

You'd need to set up each identity for encryption.