Re: [Enigmail] Is it possible to avoid migration to Thunderbird's P/GP/G implementation?
--- Begin Message --- On 9/9/2020 8:17 PM, li...@datenritter.de wrote: > Have you considered using interlink? > (I'm not sure if that'd be a good idea in the long term. Mozilla had > their reasons to give up the XUL stuff. Maybe they could be convinced to > boost security a bit...) > AFAIK the only security-related reason for dropping XUL was that XUL addons were written in the browser's own language and had access to too many things, including files on user's hard drive. The security problem in XUL was rogue add-ons which won't be a problem if you only use Interlink with Enigmail and the few other addons that have been approved for Interlink. The WebExtensions which replaced XUL also aren't impervious to rogue developers: https://robertheaton.com/2018/07/02/stylish-browser-extension-steals-your-internet-history/ --- End Message --- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Is it possible to avoid migration to Thunderbird's P/GP/G implementation?
Am 09.09.20 um 11:35 schrieb Lachezar Dobrev:> I have not had any experience with the new Thunderbird, and I wonder > if it will be possible to completely skip migrating from Enigmail and > start all-over without touching the infrastructure I have built? Have you considered using interlink? (I'm not sure if that'd be a good idea in the long term. Mozilla had their reasons to give up the XUL stuff. Maybe they could be convinced to boost security a bit...) Also, from what I read, you can still use gnupg and don't need to keep your private keys in TB...?! > I am thinking of creating new P/GP/G keys for use with Thunderbird > only. And *somehow* I should have a way to sign those with a key that > is *not* in Thunderbird. You should be able to create such a keypair, then sign it, then import it into TB. ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Is it possible to avoid migration to Thunderbird's P/GP/G implementation?
On 09.09.20 11:35, Lachezar Dobrev wrote: Hey all. After reading the messages on this mailing list, I'm contemplating whether I should completely separate the P/GP/G for day to day use (code signing, file crypto, etc.) with the one for email. That way whatever trust I bestow in Thunderbird's P/GP/G implementation will not interfere with the other tools that I use. I have not had any experience with the new Thunderbird, and I wonder if it will be possible to completely skip migrating from Enigmail and start all-over without touching the infrastructure I have built? I am thinking of creating new P/GP/G keys for use with Thunderbird only. And *somehow* I should have a way to sign those with a key that is *not* in Thunderbird. That's possible. You aren't forced to perform a migration with Enigmail, you may cancel the offer. To do what you want to do, you could create a new key pair in TB 78. Then use TB 78 key manager to export your public key. Then use your existing setup to sign your new key with your old key. Export your signed pub key from gnupg. Use TB 78 to import your signed pub key. The signature you've made will not be automatically used by TB 78, but if your correspondents import your new pub key, they can see the signature in key details, certifications tab. Kai ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net