Looks like voices were heard - and other work was done - http://www.mailvelope.com/blog/security-audit-and-v0.6-release
-Ali On Mon, Dec 17, 2012 at 5:27 AM, Karel Bílek <[email protected]> wrote: > Because Thomas (the original developer of Mailvelope) wanted to let > the extension work as it was, with the unsecure encryption inside DOM, > I decided to fork his project and make a new one, which both encrypts > and decrypts in a secure chrome pop-up. > > It's here, it's called ChromeGP. > https://cryptoparty.cz/ChromeGP/ > > Available on chrome web store here > > https://chrome.google.com/webstore/detail/chromegp/pebhdbojdpjfidjbneklefmpojncdpmf > > and on github here > https://github.com/runn1ng/ChromeGP > > There are two big issues with it - first is missing signing/signature > control (which should be easy to implement, but we will see) and the > second is OpenPGP's trouble with zip compression inside PGP (which, > unfortunately, causes the default Thunderbird/Enigmail encryption fail > to decrypt, I think). > > Feel free to share and/or criticize :) > > K > > On Thu, Dec 13, 2012 at 1:24 PM, Eugen Leitl <[email protected]> wrote: > > ----- Forwarded message from StealthMonger <[email protected]> > ----- > > > > From: StealthMonger <[email protected]> > > Date: Wed, 12 Dec 2012 23:22:28 +0000 (GMT) > > To: liberationtech <[email protected]> > > Subject: Re: [liberationtech] Mailvelope: OpenPGP Encryption for Webmail > > Reply-To: liberationtech <[email protected]> > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Uncle Zzzen <[email protected]> writes: > > > >> [Weighty argument compelling closer study.] > > > > So unless and until the Mailvelope author(s) remedy this, support for > > Mailvelope has to be muted. > > > > However, comparison with Cryptocat is still unfitting because > > Cryptocat does not even pretend to do store-and-forward authenticated > > email using public key cryptography. In fact, its author asserts [1] > > > > 2. Cryptocat does not mean to compete with GPG, it means to replace * > > plaintext.* > > > > [1] Date: Mon, 6 Aug 2012 18:14:33 -0700 Message-ID: > > <caoz60qdzfadz35xjbwkad1vjtt3zzkbp-tw2ipq+sueuzsk...@mail.gmail.com> > > > > - -- > > > > > > -- StealthMonger <[email protected]> > > Long, random latency is part of the price of Internet anonymity. > > > > anonget: Is this anonymous browsing, or what? > > > http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain > > > > stealthmail: Hide whether you're doing email, or when, or with whom. > > mailto:[email protected]?subject=send%20index.html > > > > > > Key: mailto:[email protected]?subject=send%20stealthmonger-key > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.10 (GNU/Linux) > > Comment: Processed by Mailcrypt 3.5.9 <http://mailcrypt.sourceforge.net/ > > > > > > iEYEARECAAYFAlDI34wACgkQDkU5rhlDCl7RugCggOoq0oclCcZ/F2LPjUs3BIb5 > > AcUAnjeOtCVCLKzyqETqPvU1kFsgPnRk > > =d7cd > > -----END PGP SIGNATURE----- > > > > -- > > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > > > ----- End forwarded message ----- > > -- > > Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org > > ______________________________________________________________ > > ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org > > 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech >
-- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
