I hope to see e-mail move to encrypted by default. That's the path web
is going:
https://www.chromium.org/Home/chromium-security/marking-http-as-non-secure
However, as e-mail overall is mostly unencrypted (you don't even know if
it'll be delivered encrypted to the provider:
https://www.google.com/transparencyreport/saferemail/ ) we're a long way
off this.
We could be analysing whether an e-mail was delivered by a secure
method. We can do this by checking received headers:
Sample headers
Received: from xx
by xx (Postfix) with ESMTP id BB1057BA98
for <[email protected]>; Fri, 25 Mar 2016 10:38:29 +0000 (GMT)
Received: from xx
by xxx (amavisd-new, port 10024)
with ESMTP id kEaYiQPLCxiT for <[email protected]>;
Fri, 25 Mar 2016 10:38:27 +0000 (GMT)
Received: from yy
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by xx (Postfix) with ESMTPS id C19917A8E9
for <[email protected]>; Fri, 25 Mar 2016 10:38:27 +0000 (GMT)
Received: from yy
by yy with esmtp (Exim 4.86_1)
(envelope-from xx)
id 1ajOr6-00020j-MM
for [email protected]; Fri, 25 Mar 2016 10:20:36 +0000
Because this message was between xx and yy with TLSv1, it might be
reasonable to give it an indicator showing the transport between
providers was secure.
There's also the complication of S/MIME (requested and widely supported
on other clients) which provides a different form of security to both
SMTP/TLS and PGP/MIME
We will need to strike a balance between not overloading with icons, a
consistent design language and not over-warning for the common case.
It's definitely not possible at the moment to disable the warning if you
have an OpenPGP provider set-up.
- Philip
On 2016-03-25 11:25, yisco wrote:
I just installed the latest 5.108 alpha and found that it nicely
integrates with an installed OpenKeychain because of
"• Added rudimentary support for reading and composing PGP/MIME
messages".
One thing though:
Now each and every normal message I open displays a prominent red "Not
ecnrypted / Not signed" above the mail text.
Considering the fact that 95% of the mails I receive are not encrypted
I'd like to turn this message off when a mail is neither encrypted nor
signed.
This is because I see encryption as a feature and not the lack of it
as a sign of a broken mail.
I didn't found a way turn this "no encryption" message off; if it's
not possible yet please regard this as a feature request.
--
--
You received this message because you are subscribed to the K-9 Mail
Users List.
To post to this group, send email to [email protected]
To unsubscribe, email [email protected]
To report an issue with K-9 Mail, visit
http://code.google.com/p/k9mail/issues/list [1]
For more options, visit this group at
http://groups.google.com/group/k-9-mail [2]
---
You received this message because you are subscribed to the Google
Groups "K-9 Mail" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected].
For more options, visit https://groups.google.com/d/optout [3].
Links:
------
[1] http://code.google.com/p/k9mail/issues/list
[2] http://groups.google.com/group/k-9-mail
[3] https://groups.google.com/d/optout
--
--
You received this message because you are subscribed to the K-9 Mail Users List.
To post to this group, send email to [email protected]
To unsubscribe, email [email protected]
To report an issue with K-9 Mail, visit
http://code.google.com/p/k9mail/issues/list
For more options, visit this group at http://groups.google.com/group/k-9-mail
---
You received this message because you are subscribed to the Google Groups "K-9 Mail" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
