On 8/24/20 8:12 PM, Mark wrote: > Am I understanding this correctly, your PGP keys are no longer secured > with their passphrase and instead relies on the global master password > in Thunderbird? Does that not weaken or at least somewhat minimize the > validity of the signatures? There are numerous TB password recovery > programs out there.
Fortunately, Thunderbird will have optional support for delegating private key actions (decrypt, sign) to an external GnuPG keyring. This is primarily being advertised in order to support smartcards. However, GnuPG won't care whether the private key is in the keyring directly or used via a smartcard. ;) See https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards > Another question I have is regarding keeping multiple keystores in sync, > i.e., TB's internal one and the currently used gnupg one? My understanding is that they won't be kept in sync at all, period -- though Enigmail's migration tool will do a one-time import from GnuPG into TB's internal store. This is not my ideal use case, but since I will only be using it for public keys, not private keys, it's not a dealbreaker for me. :) -- Eli Schwartz Arch Linux Bug Wrangler and Trusted User
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net