On 08.10.2019 09:08, Patrick Brunschwig wrote: > The Thunderbird developers have announced that they will implement > OpenPGP support in Thunderbird 78 [1]. Support for Thunderbird in > Enigmail will therefore be discontinued. > > [Snip] > > I will continue to support and maintain Enigmail for Thunderbird 68 > until 6 months after Thunderbird 78 will have been released (i.e. a few > months beyond Thunderbird 68 EOL). Enigmail will not run anymore on > Thunderbird 72 beta and newer.
IMHO, integrating PGP into TB in general is a good decision. However, I have two concerns (being a naive user, and being far away from understanding the technical aspects). 1) The schedule We have all been educated to update our applications (notably, "internet applications" like browser and email clients) as soon as updates are available; at least, this is true for security updates. Despite release plans, I think nobody knows for sure how much time actually will pass between TB 72's predecessor and TB 78, and how many security updates will be released between these versions. During that time, I either can't use Enigmail (if I decide to install the security updates), or I have to ignore the security updates (possibly putting me to risk). Did I understand this correctly? I am not on a level that I would use GnuPG on the command line to encrypt or authenticate my messages (encryption is fascinating, and if I had the time, it would be a pleasure to dive deeply into this subject, but for the time being, I just need it working), so I am dependent on the TB / Enigmail duo (at least until TB 78). 2) The features When integrating PGP into TB, IMHO great attention must be paid that none of the important features of Enigmail / GnuPG get lost, not even in the first version. The statement that the first implementation probably will be "less feature-rich" than Enigmail (let alone GnuPG) really frightens me and lets me expect all sorts of problems. For example, even I (as a non-advanced user) recently had an issue where I could not use PGP keys which were generated by Enigmail, because the keys' IDs were formally wrong so that key servers didn't accept the keys. The easiest possible solution was to re-generate these keys using GnuPG on the command line (despite my statement above ...) and import them into Enigmail. This simple case shows that we actually need the full functionality of a mature software package like GnuPG from the beginning on (note that my problem was ridiculously simple, but even then I couldn't easily solve it using Enigmail alone). My feeling is that TB (and probably email encryption / authentication per se) will lose a lot of users (including me) if the first implementation lacks essential features, makes the encryption setup fail due to common problems (like mine), or makes encryption unusable or difficult in any other way. By the way, being able to encrypt the subject of an encrypted message also is one of the essential features (thanks, Patrick, and thanks, Werner, that you finally have made this possible a while ago!) ... Just my 2 cents ... Regards, Binarus _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users