Hi Stefan,

my thoughts on your issues/proposals. But I am not a developer. Could you (or anyone else) contribute code for the proposals made?

> People today read their mail on many different devices

Agreed.

> and, therefore, it is needed to copy your private key between the devices.

Well, depends. I do not want to use my main key on my smartphone. I created a smartphone key (but rarely use it). But if you do want to put your secret key on a mobile device, OK. And, there is the "just two PCs" setup also.

> 1. On machine B generate a new, temporary, keypair. ... 2. ... This allows
> us to securely send the main private key to B.

For the use case you describe, mailing the main key symmetrically encrypted would be easier than creating and deleting a temporary key. Use "gpg -c ..." to do so. I agree that Enigmail could provide means. This is not standardized though. You could also send the key as password-protected ZIP (AES, not ZIP 2.0 ...).

> 7. Import your main keypair that you saved in step 5.

You'd also have to add trust to that key after importing it.

> Why is there not a similar option to send the private key via email as for
> the public key?

My guess: because people could be misled using it. If there was a menu entry to send the private key, it should ask for a strong "transfer passphrase" and use "gpg -c ...". You could open an enhancement bug (RFE) for that.

> It is possible to import a keypair directly from an unencrypted mail using
> the attachment context menu. Why is this not possible in an encrypted
> mail? Is it a bug?

That's a good one. In an inline PGP encrypted message with separately encrypted attachments, Enigmail doesn't try to decrypt the attachments and display them as unencrypted parts - therefore doesn't offer to import the key but to decrypt it. Please open a separate enhancement bug for that.

> When importing a keypair with the same user information as an already
> existing key, ask if the old key should be disabled.

I agree that there may be a dialog asking the user, but I use several keys with partially overlapping UIDs - and would not want my (valid) key to be disabled.

> When a key that is used by an account is deleted or disabled ...

I would rephrase "is deleted or disabled" by "is no longer accessible/available"

> prompt the user to change the account key.

... or create a new key. Yes, as above, a dialog might be worth thinking about.

Olav

-- 
The Enigmail Project - OpenPGP Email Security For Mozilla Applications
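
Added example, not part of Olav's message and not Enigmail code: the "gpg -c" transfer suggested in the reply, together with the trust step after import, written as POSIX shell functions. It assumes GnuPG 2.1 or later (for --pinentry-mode loopback); TRANSFER_PASS, the function names and the file arguments are hypothetical.

```shell
#!/bin/sh
# Added example. Assumed names: TRANSFER_PASS, gpg_sym, wrap, unwrap,
# send_key, receive_key. Requires GnuPG >= 2.1.

# Symmetric gpg in batch mode; the transfer passphrase is read from fd 3,
# so it never shows up in the process arguments.
gpg_sym() {
    : "${TRANSFER_PASS:?set a strong transfer passphrase first}"
    gpg --batch --yes --quiet --pinentry-mode loopback --passphrase-fd 3 "$@"
}

# stdin -> "gpg -c" -> armored file, with AES256 chosen explicitly.
wrap() {    # usage: wrap OUTFILE   (plaintext on stdin)
    gpg_sym --symmetric --cipher-algo AES256 --armor --output "$1" 3<<EOF
$TRANSFER_PASS
EOF
}

# Armored file -> stdout; gpg exits non-zero on a wrong passphrase.
unwrap() {  # usage: unwrap INFILE
    gpg_sym --decrypt "$1" 3<<EOF
$TRANSFER_PASS
EOF
}

# Machine A: pipe the exported secret key straight into wrap, so no
# unencrypted copy of it is written to disk.
send_key() {    # usage: send_key KEYID OUTFILE
    gpg --export-secret-keys "$1" | wrap "$2"
}

# Machine B: import the key, then mark it as your own key
# (ownertrust 6 = ultimate), the "add trust" step from the reply.
receive_key() { # usage: receive_key INFILE KEYID
    unwrap "$1" | gpg --import || return 1
    fpr=$(gpg --with-colons --fingerprint "$2" |
          awk -F: '$1 == "fpr" { print $10; exit }')
    [ -n "$fpr" ] || return 1
    printf '%s:6:\n' "$fpr" | gpg --import-ownertrust
}
```

Send the transfer passphrase over a different channel than the mail that carries the wrapped file, and delete the file on both machines once the import has succeeded.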
