On 5/17/2014 10:51 PM, Someone wrote: >> Why not perform a check of the headers on all of the previously received >> mail from the email address you're presently sending mail to, and then >> skip the attachment scheme selection dialog if the contact's mail has >> been exclusively composed either on mail clients that support PGP/MIME >> or on ones that don't?
I like the proposal of enigmail being more proactively helpful in
figuring out what kind of message formatting is reasonable.
On 05/17/2014 11:13 PM, Robert J. Hansen wrote:
> A lot of users would object. "I don't want Enigmail to keep track of
> whom I'm corresponding with and what technologies they're using! It's a
> violation of privacy! How do I know what you're doing with that
> information you're collecting?"
>
> And I hasten to add -- it's a pretty reasonable objection.
I don't think this is a reasonable objection. Enigmail already has
access to all of these mails. it's not like anyone is proposing sending
this information to a network service or to the enigmail website or
leaking this kind of private data. Users already expect Enigmail to
handle more sensitive things (like the user's key material) without
divulging them.
Just to be clear: I don't know of any MUA that can handle/decrypt
PGP-encrypted mail but *can't* handle/decrypt PGP/MIME-structured
encrypted mail. All the PGP/MIME problems i've seen reported have to do
with failing to read PGP/MIME-signed (but not encrypted) messages.
I think there are engineering issues that might make the initial
proposal difficult, though. I don't know that they're insurmountable
(some will be answered with heuristics that won't always guess right),
but you probably want to think through them in more detail before trying
to implement something like this:
* just because you've never been sent an e-mail from that user via a
PGP/MIME-broken MUA doesn't necessarily mean that they never read mail
on such a MUA. Sending is not receiving.
* you'd need to enumerate which versions of which MUAs (with which
plugins) are PGP/MIME-broken and keep that list up-to-date somehow. How
does that interact with, say, webmail implementations?
* some messages don't have any clear indication of what MUA they used.
* someone who used a PGP/MIME-broken MUA 6 years ago may not still be
using that MUA. should six-year-old mail still be relevant? Figuring
out what sort of cutoffs are reasonable is non-trivial.
* Imagine a user who has 300,000 message in their mail archive. You
wouldn't want search all of those each time. so you'd want to keep some
sort of state for each user that could be updated when new mail from
that user was discovered by thunderbird. This doesn't necessarily just
mean when new mail is fetched -- thunderbird could suddenly get access
to an old mailbox, or a new folder could be published. how would you
synchronize this cached state?
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
