> On 17 May 2018, at 11:50, Patrick Brunschwig <patr...@enigmail.net> wrote: > >> On 17.05.18 10:07, Werner Koch wrote: >> On Thu, 17 May 2018 08:59, patr...@enigmail.net said: >> >>> Within 12 hours after the release I got 5 bug reports/support requests >> >> Kudos to Enigmail for acting as our guinea pig. I implemented the same >> thing in GPGME this morning (see my mail to enigmail users). >> >> What shall we do now? Provide a separate tool to decrypt and clean HTML >> messages or add a tool to Enigmail to do just this? > > Good question... Thunderbird is working on fixing the HTML display > issue. But I think we should really start enforcing users to enable MDC. > I therefore would prefer keeping the barrier high. In any case, this is > nothing that I could implement with a week or two.
I agree, while it would be easy for the users to have a magic button in enigmail, this isn’t something we should be encouraging users to use on a regular basis. IMO a better solution would be a standalone tool that you could point at a local Maildir and tell it to clean and re-encrypt anything it finds that is bad (for a given value of “bad”), and save it to a new Maildir, perhaps with an attachment explaining what was done. This would of course invalidate any signatures on the re-encrypted data, but that’s OK for the use case. It should not be an in-place update, nor should it work over e.g. IMAP because that would a) encourage people to run it in a cronjob and b) destroy the originals, which may be a deal breaker for archival purposes. A _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
