Hey,

We are currently facing the issue that Autocrypt broke existing workflows.

The scenario (Tails 3.10.1, Thunderbird 60.2.1, Enigmail 2.0.7): A Tails user (Alice) has been communicating for a long time using OpenPGP with Bob, another Tails user, and prefers encrypting messages by default (via "Account Settings"). So Alice is used to the communication with Bob being encrypted.

But this is broken by Autocrypt: Bob sends a message to Alice and sends the Autocrypt header without prefer-encrypt=mutual, as it is disabled by default. Alice answers that mail and sends an unencrypted mail, because they didn't recognize that the encryption/signature state was modified by Autocrypt. Alice's wish to always encrypt is not taken into account anymore. Even worse, this is also the case if Alice had created a per-recipient rule for Bob to explicitly use encryption. This rule is not followed, as the Autocrypt rule is rated higher [1].

I see these issues so far:

Autocrypt adds its own per-recipient rule with (never,never) on top of the rule list, and that overwrites the other per-recipient rules. As the other rules were made by hand by the user, the user would never expect that an update will overwrite his rules silently. If the rule order is changed (autoencrypt rule would be added to the bottom), the other rules are preferred and an encrypted mail is sent by default according to the other rules.

I see another conflict of interests: if there is no explicit rule available, the Autocrypt rule is preferred over the general setting "Encrypt messages by default" from "Account Settings".

* I would recommend that Autocrypt adds its new rules at the bottom, to not overwrite existing rules.
* Autocrypt should not use "never" but rather either "yes, if selected in Message Compositor" or, even better, add another option, something like "recipient does not tell to use encryption explicitly". That should make sure that the general setting "encrypt messages by default" is not overwritten by Autocrypt. This is mostly an issue about interpreting the missing "prefer-encrypt" parameter. Does it mean "never encrypt" or "if Alice wishes, it can be encrypted", and Alice told it to encrypt messages by default.
* Mostly Tails specific: I'd recommend that Tails enable "Prefer encrypted emails from the people you exchange email with." by default, as our audience group expects us to enable this. This informs recipients that you prefer to get encrypted replies. Technically this adds "prefer-encrypt=mutual" to the Autocrypt header.

The issue is tracked at the Tails bugtracker: https://redmine.tails.boum.org/code/issues/15923

hefee

[1] https://redmine.tails.boum.org/code/attachments/download/2189/per-user-edit-rules.png
_______________________________________________
enigmail-users mailing list
[email protected]
To unsubscribe or make changes to your subscription click here:
https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
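The rule-ordering problem reported in the message above, as an added example that is not part of the original post and is not Enigmail's code. It assumes a simplified first-match model of per-recipient rules; `Rule`, `will_encrypt`, `shadowed_manual_rules`, the three setting labels and the address are hypothetical names and constructed data.

```python
from dataclasses import dataclass

# Constructed labels for this model, not Enigmail's stored values.
NEVER, MAYBE, ALWAYS = "never", "maybe", "always"

@dataclass(frozen=True)
class Rule:
    email: str
    encrypt: str   # NEVER, MAYBE or ALWAYS
    source: str    # "manual" (user-made) or "autocrypt" (added automatically)

def will_encrypt(rules, recipient, account_default):
    """Assumed first-match model: the top-most rule for the recipient decides;
    MAYBE, or no rule at all, falls back to the account-wide default."""
    for rule in rules:
        if rule.email == recipient:
            if rule.encrypt == ALWAYS:
                return True
            if rule.encrypt == NEVER:
                return False
            break
    return account_default

def shadowed_manual_rules(rules):
    """Return manual rules placed below an automatic rule for the same address."""
    auto_seen, shadowed = set(), []
    for rule in rules:
        if rule.source == "autocrypt":
            auto_seen.add(rule.email)
        elif rule.email in auto_seen:
            shadowed.append(rule)
    return shadowed

# Constructed sample data for the Alice/Bob scenario.
BOB = "bob@example.org"
MANUAL = Rule(BOB, ALWAYS, "manual")
AUTO_NEVER = Rule(BOB, NEVER, "autocrypt")
AUTO_MAYBE = Rule(BOB, MAYBE, "autocrypt")

if __name__ == "__main__":
    cases = {
        "reported: autocrypt(never) on top": [AUTO_NEVER, MANUAL],
        "proposal 1: autocrypt rule at bottom": [MANUAL, AUTO_NEVER],
        "no manual rule, autocrypt(never)": [AUTO_NEVER],
        "proposal 2: autocrypt(maybe) only": [AUTO_MAYBE],
    }
    for name, rules in cases.items():
        print(f"{name}: encrypt={will_encrypt(rules, BOB, True)}, "
              f"shadowed={len(shadowed_manual_rules(rules))}")
```

In every case the account default is "encrypt"; only the two proposed arrangements keep Alice's reply encrypted, and `shadowed_manual_rules` is the kind of check that would flag the silent override.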
