-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Thu, Feb 13, 2020 at 10:05:21PM +0100, Frédéric Pierret wrote: > > On 2020-02-13 20:37, Claudio Chinicz wrote: > > Hi Frédéric, > > > > Thanks, I've managed to install claws-mail on my Fedora template. The > > problem is that Claws-mail does not support Oath2 (Google) authentication, > > just like Kmail. > > Your welcome. > > > > > Evolution does support Oatrh2 authentication but instead of Gnupg it > > supports Open PGP,
I think you're confusing two unrelated things. Oauth2 has nothing to do with email encryption. Also, just to clear terminology, GnuPG/GPG is an implementation of OpenGPG standard, so _in theory_ it is the same. - From what I see, Evolution does use GnuPG under the hood. > > the same standard that TB 79 will support, replacing Enigmail. > > > > Would Open PGP support/integrate with Qubes Split GPG? > > I CC Marek to this question as I known there is some new version of it but I > don't know what's inside. Thanks for bringing this to our attention. For reference, this is about https://wiki.mozilla.org/Thunderbird:OpenPGP:2020 - From my reading of this page, it sounds like a DISASTER in terms of existing pgp encrypted emails support in Thunderbird, but also in terms of extensibility of Thunderbird (severe limitation of addons, if not removing them completely). One of the key features of Thunderbird is its flexibility thanks to addons... So, it looks like they have decided to use a completely different implementation (or even writing own) of OpenPGP standard, instead of using well-established standard of GnuPG. They already acknowledge it will most likely lead to many interoperability issues and they accept it at the design level. Life shows that if you already know it will be bad at the design level, in practice it will be even worse! But also important aspect is the key storage. Anyone serious about security knows that keys should be stored isolated. Those not lucky enough to use Qubes, can use smart cards for that. And according to FAQ on that page, new Thunderbird won't support smart cards! And in the shape presented on that page, it looks like there won't be a way to plug split gpg either! As a side note, I do think that even though GnuPG is a well established standard, its quality isn't very high and steps to break its monopoly in OpenPGP implementations are a good thing. But it should be done in an incremental, compatible way, not "break everything" approach. Another side note, or rather a hint for Thunderbird developers: modern gpg consists in reality of multiple parts running as separate processes. One of them is gpg-agent responsible for accessing private keys (either local or on a smart card) and nothing else. gpg-agent has also a simple, (kind of) documented protocol. If they still want to break everything, they could at least consider support for using existing gpg-agent available in the system. This won't solve interoperability issues, but at least will allow people to keep their keys secured on smart cards or with (upcoming new version of) split gpg. The only good side of this I see is having PGP support in Thunderbird out of the box without requiring an addon - meaning probably more people will use it. BTW we need to verify is this major breakage of Thunderbird addons won't break other Qubes features too - namely opening attachments in DisposableVM, which is also done using an addon. - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl5GjPAACgkQ24/THMrX 1yxyewf/Un2JTcdEXx/c0mZd+huN3sr/OwfWt4vOaLnNoPdnog0ak9mpdiJfwAj9 Na3g9jXdF/0hjfgLMC7S7kZaCJv08hzycMatmIl2lY7q7oI8kobIye2EBKZg6/Z3 8WYuYILZet1B7J79/J66lUdhZQt72aLnDadFj9EdIJaFH9GtEUH4SNezsaXce9Q/ M+LWJhS947SySfsuZ3js5IunflHI51AV449OxUzA2fO60/tK7zQg6H+9L8UXBgFO feDvXjLK9+sDGvryn6/M9GNe5Hq5ZBHaFABkpfjhSgF8O2aJm1dFKeMvKJvKh4Ts AexsYCPoXKT2vr5gBwN+BgOQINRgtg== =Qqfw -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200214120504.GE18599%40mail-itl.
