On 01/14/2013 02:43 PM, soportek wrote:
When I attempt to send a signed or signed and encypted e-mail from my
account I receive the following error.
Send operation aborted.
Key 0xABCDEF01 not found or not valid. The (sub-)key might have expired.
i don't think this is your actual keyid.
On 01/14/2013 07:07 PM, David wrote:
Do I understand correctly that Enigmail is now written in Java code?
Does Enigmail require Java to 'run'? I ask because Oracle is not doing
so well with Java lately.
no, Enigmail does not use Java. All versions of Enigmail use Javascript
(which is an
On 01/17/2013 04:42 PM, Daniel Kahn Gillmor wrote:
this patch should offer no significant surprises, as it just cleans up
some cruft that has drifted into the javascript over the years
i didn't see any followup on this patch -- is there a problem with it?
I think doing this sort of lint-y
On 01/20/2013 11:21 AM, Patrick Brunschwig wrote:
On 20.01.13 16:58, Daniel Kahn Gillmor wrote:
fwiw, 'use strict'; appears 6 times in enigmail, while 'use
strict;' appears twice:
Ah, sorry. You're right - my memory played tricks with me ;-)
I guess i had the advantage of complete
On Thu 2013-01-31 15:46:32 -0500, Ludwig Hügelschäfer wrote:
Some prominent MUAs are known to not be able to cope with
PGP/MIME.
If a prominent MUA cannot deal with PGP/MIME, please name it
explicitly, so we can pressure its vendor or authors to fix it (or, in
the case of free software, so we
On 03/15/2013 12:23 AM, Patrick Fleming wrote:
I have Mozilla provided Thunderbird and Enigmail as a plugin on Debian -
could not get Debian's Iceweasel to work properly.
I think you mean icedove, not iceweasel, right? iceweasel is a web
browser, not a mail user agent. enigmail only works
hi enigmail folks--
package/mimeEncrypt.js contains two hardcoded references to enig2 that
are used to create the MIME boundaries when using PGP/MIME.
In many circumstances it is not a problem to leak the information that
the mail sender is using enigmail specifically, but there are some users
On 04/19/2013 02:33 AM, Patrick Brunschwig wrote:
I can certainly do that. However, what would it change? I could still
identify a message created by Enigmail, and I could still tell you if
some other product would have faked a message to look like Enigmail.
Things like line wrapping of the
On 05/01/2013 08:40 PM, Grant wrote:
On 05/01/2013 01:27 PM, Daniel Kahn Gillmor wrote:
Grant, if you can give us any hints about what the problem was (or
even better, what specific resolution you needed), that would be a
great help to anyone else who might run into the same thing
On 05/04/2013 11:01 AM, Patrick Brunschwig wrote:
Grant, do you read this mailing list via Gmane (i.e. via a NNTP
newsgroups server)? If yes, then it's no surprise that Enigmail won't
detect Daniel's signature: some of the required functionality to
detect PGP/MIME messages are not available in
On 05/04/2013 12:13 PM, David wrote:
If I may ask why does Debian offer such an old version of Icedove (same
as TBird 10 when the current release is 17.0.5) and such an old version
of Enigmail (1.4.1) when the current release is 1.5.1?
For the stable version of debian, we offer long-term
On 05/04/2013 01:25 PM, David wrote:
I see. So does that mean that any security 'fixes' have been
backported? Or just are they just ignored?
Security concerns are not ignored; the goal of any stable release is to
maintain a stable set of features and functionality (and APIs and ABIs)
while
);
ipcBuffer.open(-1, false);
---BeginMessage---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 21.05.13 23:28, Daniel Kahn Gillmor wrote:
On 05/05/2013 11:55 AM, Patrick Brunschwig wrote:
I looked again into this. The Enigmail code has changed quite a
lot since v1.4 and there is no patch
On 05/23/2013 12:56 PM, Andy Ruddock wrote:
The message just sent to enigmail-users@enigmail.net didn't verify on
my SeaMonkey/Enigmail Wheezy install.
I see a mail with three attachments, one of which is signature.asc
yes, exactly. this is http://bugs.debian.org/679640 , which i am not
sure
On 05/29/2013 04:54 PM, Eduard Christian Dumitrescu wrote:
One way (as discussed in a private exchange with dkg and others) would
be to only show the signed parts of signed messages and ignore
whatever isn't signed. If a particular message doesn't display
properly, one only has to temporarily
On 07/15/2013 02:37 PM, Klearchos-Angelos Gkountras wrote:
I am using Debian Sid and icedove as my personal email programm and I
didn't install enigmail via repos but with icedove's add-ons manager .
Please describe in which branch of debian is the problem ;)
This goes against the general
On 07/15/2013 04:34 PM, Ximin Luo wrote:
For xul-ext-gnome-keyring, I am building the extension twice, against both
xulrunner-dev *and* icedove-dev, then packaging both binaries into the same
XUL extension and using the appId to tell XPCOM to conditionally load the
correct one. Have a look
On 09/13/2013 08:10 AM, Bob Williams wrote:
Should I create a new revocation certificate if I change my
passphrase? Or is the passphrase only 'local' to my secring.gpg?
Your old revocation certificate will still work. Both the revocation
certificate and the public part of your key can be
On 10/09/2013 05:47 PM, Bryant Evans wrote:
Not sure my message earlier went through. Trying again. I am using
PGP/MIME as suggested.
both of these PGP/MIME messages appear to have a valid signature from
Key fingerprint: 3FDD CDC3 F146 3309 7FEE F699 19C1 9D85 1C0B 95E5
So whatever problem
Hi Ralf--
On 10/15/2013 05:14 PM, Ralf Jung wrote:
why does Enigmail refuse to use an unsigned key for encryption? A friend
of mine recently contacted me via encrypted mail, and while I was able
to get her key from a keyserver, I couldn't get a signature for it, so I
decided to do that later
Without this change, zip would happily carry on even if some elements
are missing due to other undetected failures in the build process.
It's better to catch errors in the .xpi generation at build time,
rather than at install or runtime.
---
genxpi | 2 +-
1 file changed, 1 insertion(+), 1
This patch allows the build to proceed cleanly when using
-Wunused-but-set-variable and without FORCE_PR_LOG
---
src/nsEnigMsgCompose.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/nsEnigMsgCompose.cpp b/src/nsEnigMsgCompose.cpp
index 2bc3f7a..91ca07e 100644
---
On 11/11/2013 05:43 PM, Michael Norrish wrote:
As for //, compilers have had this forever given that it's been in C++
forever.
yes, of course all modern compilers have this option. however, there's
no reason for gratuitous incompatibility against older compilers or for
people who for whatever
On 11/12/2013 12:27 PM, Patrick Brunschwig wrote:
This patch won't work for Thunderbird 19 and newer, as the referenced
${enigDllFile} (line 153) is only generated on Gecko version = 18.
Thus the files would not match.
this seems like something that genxpi should know about, no? If it
knows
i'm trying to use the standard enigmail debugging capability to figure
out why a message is failing verification in enigmail.
The message is clearsigned PGP/MIME, and it verifes correctly in another
MUA (notmuch, using libgmime). Other clearsigned PGP/MIME messages
verify correctly.
When i
On 11/12/2013 02:19 PM, ernie wrote:
I have been following this thread for some time.
That's interesting, because i just started this thread a few hours ago!
Out of curiosity, are these problems win a flavor of Widows or Linux?
I don't use Windows, so i don't know if these are problems on
This patch records the library name and constants expected for debian
GNU/kFreeBSD. Without this line, enigmail 1.6 on that platform
fails with:
[ERROR] enigmail.js: Enigmail.setAgentPath: subprocess.call failed with
'TypeError: platformDefaults[gXulRuntime.OS.toLowerCase(...)] is undefined'
---
ui/locale/en-US/enigmail.properties | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/locale/en-US/enigmail.properties
b/ui/locale/en-US/enigmail.properties
index 74021fa..ea5141a 100644
--- a/ui/locale/en-US/enigmail.properties
+++ b/ui/locale/en-US/enigmail.properties
in http://bugs.debian.org/732067, a user reports that the checkbox
Automatically decrypt/verfiy messages in the OpenPGP menu isn't
working any more.
Apparently, the menu option is only available when show expert
preferences is chosen in the OpenPGP preferences dialog.
The inital report came in
On 12/14/2013 09:23 AM, Patrick Brunschwig wrote:
On 13.12.13 22:29, Daniel Kahn Gillmor wrote:
in http://bugs.debian.org/732067, a user reports that the checkbox
Automatically decrypt/verfiy messages in the OpenPGP menu isn't
working any more.
Apparently, the menu option is only
On Wed 2013-01-16 09:12:09 -0500, Patrick Brunschwig wrote:
On 15.01.13 21:10, Daniel Kahn Gillmor wrote:
Question B --
Would patches be welcome to improve the terminology around validity
and trust?
Sure, yes :-)
It's been a while, but I've finally sent a patch to the list
This addresses http://sourceforge.net/p/enigmail/bugs/239/
---
ui/content/enigmailCommon.js | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/ui/content/enigmailCommon.js b/ui/content/enigmailCommon.js
index b10375c..e19d9b0 100644
--- a/ui/content/enigmailCommon.js
+++
On 01/30/2014 09:08 AM, Nathan Andrew Fain wrote:
it appears the enigmail has issues when the text of lines will get
wrapped. What I believe is happening is that the signature is made
before the text is converted to its unformatted version and
line-wrapped. So, the signature is created on this
On 02/05/2014 10:06 AM, Onno Ekker wrote:
Well, to me it would also make sense to encrypt to the newest key by
default (by creation date), which would eliminate the need to create a per
recipient rule in most cases...
Having per recipient rules also brings the necessity to manage and maintain
On 03/16/2014 11:46 AM, Boris Month wrote:
me and some friends of mine want to exchange encrypted emails on our
mailing list. Does enigmail support encryption for multiple recepients?
How would you encrypt information on a mailing list?
You might be interested in schleuder, which is an
On 03/26/2014 09:57 AM, Mike Acker wrote:
On 03/25/2014 06:21 PM, Daniel Kahn Gillmor wrote:
hi enigmail folks--
1ee310b5bcdb86f225cc11ca0ae2138a7aaba992 addresses bugs 212 and 179 with
a menu option called trust the keys of all recipients.
I think what this implies is that when sending
On 04/20/2014 07:12 PM, Daniel Kahn Gillmor wrote:
I think it's a really bad idea to make encryption contingent on trust
settings; it should only be contingent on validity.
let me explain this a bit further:
* setting non-zero ownertrust on someone's keys puts you at risk of
being willing
On 04/21/2014 07:09 AM, Nicolai Josuttis wrote:
Thanks a lot for this feedback, Daniel.
These are very compelling arguments.
Seems I fall into the trap of making it too good.
thanks for reading and taking this seriously.
The new approach I suggest would be just to offer:
Automatically
Hi Nico--
thanks for your work on this; i'm really glad to see people thinking it
through in detail.
Responses in more detail below, along with a more radical proposal that
hopefully we can use to think through the desired behavior.
On 04/21/2014 04:11 PM, Nicolai Josuttis wrote:
Let me try
On 04/23/2014 09:18 PM, John Clizbe wrote:
Philip Jackson wrote:
On 22/04/2014 01:30, Daniel Kahn Gillmor wrote:
Note that enigmail's current default behavior is to simply choose the
*first* key in GPG's keyring that claims to be associated with the e-mail
address in question. This is true
On 04/24/2014 02:52 PM, Mike Acker wrote:
On 04/23/2014 10:33 PM, Daniel Kahn Gillmor wrote:
FWIW, i fully agree that the right place to fix this misbehavior is in
GnuPG itself, not in enigmail. I care about non-enigmail users of
GnuPG, and i definitely don't want to have the headache
On 5/17/2014 10:51 PM, Someone wrote:
Why not perform a check of the headers on all of the previously received
mail from the email address you're presently sending mail to, and then
skip the attachment scheme selection dialog if the contact's mail has
been exclusively composed either on mail
On 06/03/2014 12:03 PM, Daniel wrote:
i looked up the Docs on http://www.rainydayz.org/content/915-keyserver
Quote: You may prepend a protocol to the name of a keyserver, e.g.
hkp://keyserver.example.com or ldap://certserver.pgp.com.;
I tried and Enigmail 1.6 as well as today's nightly
On 06/03/2014 04:22 PM, Daniel wrote:
Sorry, I forgot to mention, I already did this. i tried both methods,
manually editing the gpg.conf and the option in Enigmail.
[...]
The System I'm currently running uses Windows 7 so thats not the Problem
can you report the version of gpg you have
On 06/03/2014 04:42 PM, Daniel wrote:
Am 03.06.2014 22:30, schrieb Daniel Kahn Gillmor:
you may also want to add --keyserver-options debug to see more
info.
Not Working:
enigmail C:\Program Files (x86)\GNU\GnuPG\pub\gpg.exe --charset
utf-8 --display-charset utf-8 --keyserver-options
ca
On 06/03/2014 05:34 PM, Daniel wrote:
Am 03.06.2014 22:47, schrieb Daniel Kahn Gillmor:
I don't know how to set the language environment to C in windows
either, but let's go with this one for now.
can you show a full cmd transcript of the above command, but also
with --keyserver-options
On 06/03/2014 06:17 PM, Daniel wrote:
Am 03.06.2014 23:48, schrieb Daniel Kahn Gillmor:
the above doesn't look like it's being run from a cmd prompt. If
you're running windows 7, click the start button, and then in the
search box, type cmd (without the quotes) and hit enter.
you'll get what
Hi Nicolai--
On 06/06/2014 04:39 AM, Nicolai Josuttis wrote:
I am about to make the enigmail UI more convenient/self-explaining.
So, I have the following problem:
I want to give three choices for encryption (and other options):
1) use default setting and rules
2) turn encryption on
3) turn
On 06/15/2014 08:53 AM, Philip Jackson wrote:
But when I want to send a signed email, it presents first the OpenPgp
confirmation dialog and when I select OK, it immediately gives the error
message Bad passphrase without having given any opportunity to provide the
passphrase.
you didn't
On 07/07/2014 06:01 PM, Nicolai Josuttis (enigmail) wrote:
OK, thanks a lot.
We added a warning dialog for those switching to 1.7
yep, i did see the warning dialog.
to double check preferences
because we assumed that there are issues.
Although we didn't THAT issue.
Too much changes there
i am seeing the following misbehavior with the 1.7 beta i packaged from
yesterday (i have convenient encryption set as the default):
When i reply to a message from someone for whom i have a key, more often
than not, the default leaves the message unencrypted.
When i send a new message to that
hi folks--
a friend recently sent me a PGP/MIME encrypted/signed message from
k-mail 1.13.7.
enigmail decrypted it but claimed bad signature.
Looking at it in more detail, i see that the message is structured like
this:
A └┬╴multipart/encrypted
B ├─╴application/pgp-encrypted attachment
C
On 07/09/2014 05:20 AM, Olav Seyfarth wrote:
I don't see that behaviour here, so could you please be more specific on your
settings:
- global sending settings convenient
The Sending tab shows Convenient encryption settings is set.
- global key selection settings
[X] By Per-Recipient
On 07/10/2014 06:18 PM, Samir Nassar wrote:
On Thursday, 2014-07-10 17:53:52 Daniel Kahn Gillmor d...@fifthhorseman.net
wrote:
But i'm concerned because it seems like enigmail ought to be able to
parse the kmail construction, at least if the top-level cleartext part
is itself multipart
On 07/11/2014 12:47 AM, Daniel Kahn Gillmor wrote:
Could you send me (privately) an encrypted and signed message with your
kmail instance? I don't care what it says, but leave the body as a
simple text/plain part -- no HTML formatting or attachments, and ask
kmail to sign/encrypt with PGP
On 07/11/2014 11:32 AM, Patrick Brunschwig wrote:
Enigmail can decrypt/verify both methods. However, unless you use
Enigmail 1.7 (or nightlies) KMail emails cannot be verified correctly.
Hm, i don't see a release of 1.7 on https://enigmail.net/ and there has
been no announcement on this mailing
On 07/11/2014 11:43 AM, Daniel Kahn Gillmor wrote:
But i do see a signed tag enigmail-1-7 in the git repo from 2 days ago.
I'll go ahead and package that for debian :) Should i be looking
elsewhere for release announcements?
hm. that signed tag for enigmail 1.7 contains a ./configure
On 07/15/2014 01:23 PM, Martin Vegter wrote:
What is the recommendation, then?
Should inline-PGP be used preferably, when sending plain messages
(without attachments) ?
that's for your correspondents to decide, and not something you have
control over there are much better arguments (in both
On 07/15/2014 03:00 PM, Otto de Voogd wrote:
Actually, I'd like Enigmail to either show clearly that a key is revoked
(as one would see when querying the keyserver), or not show revoked keys
at all.
The keyservers do not check whether the revocation is cryptographically
correct, so their
hi enigmail folks--
reading the commentary in:
https://sourceforge.net/p/enigmail/bugs/144/#665e
suggests that the engimail preference to save drafts in encrypted form
will only work if a keyID is set for the account preferences.
Is this still the case?
If so, i find it surprising that the
I think opportunistic mode is matching based on case-sensitive e-mail
addresses; while this is arguably appropriate for the local-part of the
e-mail address, the domain part should be matched in a case-insensitive
fashion.
For example:
I'm using enigmail 1.7.2, with convenient opportunistic mode
On 09/15/2014 06:33 AM, James Tandy wrote:
Alt-tab'ing to the window is not an option, as this popup window appears at
the very end of the window list, nowhere
near the thunderbird compose window. (Most irritating when you have like 15
programs running)
this isn't a fix at all, but a
On Sat 2014-07-12 13:09:35 -0400, Patrick Brunschwig wrote:
On 09.07.14 00:10, Daniel Kahn Gillmor wrote:
i am seeing the following misbehavior with the 1.7 beta i packaged
from yesterday (i have convenient encryption set as the
default):
When i reply to a message from someone for whom i
On 10/10/2014 09:50 AM, Tobias Hahn wrote:
Am 08.10.2014 um 17:27 schrieb Patrick Brunschwig:
If you use the convenient composition mode (which means that
emails are automatically encrypted if the keys for all recipients
are found), then it's easy to determine if you got all keys: the
key
On 11/04/2014 10:58 AM, HW42 wrote:
[I'm reporting this here and not on the bug tracker since I don't want
to agree to a few pages TOS for reporting a bug (sf account required)]
When an correctly PGP/MIME signed email is attached to an unsigned
email enigmail wrongly verifies the attached
On 11/04/2014 11:39 AM, Daniel Kahn Gillmor wrote:
On 11/04/2014 10:58 AM, HW42 wrote:
When an correctly PGP/MIME signed email is attached to an unsigned
email enigmail wrongly verifies the attached mail and not the real mail.
yes, this is a problem, and was noted on this list back
On 11/10/2014 11:51 AM, Ludwig Hügelschäfer wrote:
On 10.11.14 22:46, Daniel Kahn Gillmor wrote:
I'm not seeing either of these alerts when sending
encrypted+signed messages with PGP/MIME using enigmail 1.7.2 and
gnupg 2.1.0 on debian GNU/Linux, x86_64 (amd64) platform.
Are you sure
Hi Michael--
On 11/21/2014 11:54 AM, Michael Carbone wrote:
I draft an email to a recipient whose public key I have. I have signing,
encryption, and PGP/MIME on by default. I proactively turn off
encryption and/or signing, which is verified in the visual cues in the
Compose window as well as
On 12/14/2014 05:45 PM, Ian Mann wrote:
On 15/12/14 08:36, outa wrote:
I recently upgraded to Kubuntu 14.10. Since then gpg started to show that
warning message about Gnome Keyring hijacking it. So I disabled Gnome
Keyring and switched to gpg-agent again, like before. However, each time I
On 12/15/2014 05:39 PM, outa wrote:
$ echo $GPG_AGENT_INFO
/run/user/1000/keyring-BUeGSx/gpg:0:1
I'm a little surprised by this, since i don't think this is where
gpg-agent 2.0.24 usually puts its socket.
FYI, I initially disabled GNOME Keyring by adding the following lines to a
startup
On Wed 2015-02-04 12:13:18 -0500, Patrick Brunschwig wrote:
We recently discussed in (a part of) the Enigmail team that we should
think about giving up support for GnuPG 1.4.x.
Reasons:
* GnuPG 2.0 was released in November 2006; it has proven for a long
time to be stable.
* While GnuPG 1.4
Hi Jogi--
On Tue 2015-01-20 07:22:38 -0500, Jogi Hofmüller wrote:
after an upgrade of my Debian System that brought me enigmail 1.7.2
(20141123-1552) I cannot send encrypted emails anymore. The error I get is
Fehler - Verschlüsselung fehlgeschlagen (error - encryption failed)
/usr/bin/gpg2
On Wed 2015-01-21 05:10:28 -0500, Jogi Hofmüller wrote:
I was informed that the description in my last email was not verbose
enough to reproduce the problem. So here is more (hopefully useful) info.
Thanks, i think it is useful.
The original problem occurs when enigmail attempts to list all
On Wed 2015-01-21 05:58:40 -0500, s7r wrote:
Understood. I guess this has to be done via console commands, since
the pour enigmail thundebird addon has very limited options when
creating/editing a GPG key.
yes, what you're trying to do is rather unusual; enigmail intends to
deliver a smooth
On Tue 2015-01-20 15:49:16 -0500, Jogi Hofmüller wrote:
/usr/bin/gpg2 --charset utf-8 --display-charset utf-8 --batch --no-tty
--status-fd 2 --with-fingerprint --fixed-list-mode --with-colons --list-keys
Actually the error also occurs on the command line but it's not
visible.
Sorry, i don't
On Wed 2015-01-21 11:55:19 -0500, Jogi Hofmüller wrote:
Am 2015-01-21 um 17:35 schrieb Daniel Kahn Gillmor:
It sounds to me like these are OpenPGPv3 (PGP-2) keys, which are
probably due to be replaced. Can you try stashing those keys in a
separate file, and then removing them from your
On Thu 2015-01-15 19:46:32 -0500, K Richard Pixley wrote:
Having disabled or removed enigmail, how do I restore the ability to
render html mail?
I think html mail gets rendered fine in this scenario; i suspect you're
asking about composing messages in HTML.
You can compose a message in HTML
On Wed 2015-02-11 07:58:55 -0500, RLB wrote:
My setup works well with Adele and another live user, but a Startmail
correspondent can't decrypt. He gets the cyphertext but his Startmail
doesn't recognize it as being encrypted. Any suggestions?
I think you're talking about
Hi Joshua--
On Tue 2015-02-10 10:18:56 -0500, Joshua Rogers wrote:
I sent an example to somebody, and they forwarded the email back to
me(as a ForwardedMessage.eml), and commented in the forward.
When I sent the email, I signed it.
When they forwarded the email back to me, despite not coming
On Thu 2015-02-12 11:37:28 -0500, Patrick Brunschwig wrote:
On 12.02.15 15:07, Besnik Bleta wrote:
1. Error - No valid armored OpenPGP data block found
Does armored refer to some specification or is just kind of
metaphor/description?
armored is the term used by GnuPG to identify a part in
On Wed 2015-02-04 17:28:48 -0500, Doug Barton wrote:
Nope, I understood the timeline perfectly. :) There are still a lot of
Linux distros that use 1.x by default, and that is not going to change
any time in the next several years.
fwiw, in debian, the GnuPG maintainer team has been
On Wed 2015-03-18 03:26:02 -0400, Patrick Brunschwig wrote:
Yes, I think we can move away from enigmail-x-y to enigmail-x.y. I'll
try to remember this when doing the next release.
great, thanks! If it would help any to have this decision recorded in
the repo, you could duplicate the 1-8 tag as
hi enigmail folks--
after running make in 1.8, i see the contents below in unused.txt.
Many of these do indeed seem to be unused. Would a series of patches
that clean them up be welcome, or are they being kept around for some
reason?
--dkg
unused labels:
On Tue 2015-03-17 22:51:18 -0400, Ian Mann wrote:
I have used the beta, and participated in nightly, and 1.8 is perfect to me.
I like it just how it is.
I also think the message composition toolbar is a great usability
improvement. Thanks for all the hard work that went into making
something
hi enigmail folks--
I see that there are now test suites in the enigmail source!
I'm interested in running them on the debian buildd infrastructure (many
different platforms) to see if they can catch any issues.
I don't see any suggestions on how to run the tests effectively, though,
or what
On Thu 2015-03-19 13:36:17 -0400, Patrick Brunschwig wrote:
I pushed a number of changes that remove support for GnuPG 1.x from
Enigmail. The main objective was to remove anything concerning
passphrase handling from Enigmail, as GnuPG 2.x does this by itself.
gpg 1.4.x can also do the
[redirecting to gnupg-devel, setting mail-followup-to: there]
On Wed 2015-03-25 18:26:38 -0400, Robert J. Hansen wrote:
My guess is that this is for added security.
Correct. Werner Koch has said several times that he will not change the
code to permit CP into the dialog box, as that would
On Thu 2015-02-26 12:36:44 -0500, Patrick Brunschwig wrote:
I have created the first *beta* release of Enigmail v1.8. It contains
many changes to the user interface, especially message composition,
and quite a lot of bugs were fixed.
I would appreciate to get as many bugs reported as
On Wed 2015-03-18 15:24:50 -0400, Doug Barton wrote:
I've done what you've done in the past, sit down with a room full of
people and explain to them how PGP works, the barest of fundamentals
they need to know in order to get started, and walked through some demo
e-mails. I've done this with
On Wed 2015-03-18 01:39:06 -0400, Doug Barton wrote:
I buy that argument, but it seems much more reasonable to me to make
sign and encrypt buttons that show up in the composition toolbar. This
would mean that we get the same usability improvement, but no additional
screen real estate would
[reordering for chronological sanity]
On Mon 2015-04-13 17:44:06 -0400, Ian Mann wrote:
On 14/04/15 07:23, Anthony Papillion wrote:
I usually update my keys once a week from within Enigmail since it's
convenient. As of the last update, every time I try to interact with a
keyserver (send or
On Tue 2015-04-28 10:43:06 -0400, Johannes Kastl wrote:
is it possible to tell Enigmail to always wraps before sending,
instead of bothering me each time I send a mail?
Also, my line wrap is set to 72 characters, I do not know why
enigmail wants to wrap that again. And I found no way to tell
0x3714729214D5DA70 instead of primary key 0xCCD2ED94D21739E9
gpg: encrypted with 4096-bit RSA key, ID 0x3714729214D5DA70, created 2015-01-21
Daniel Kahn Gillmor d...@fifthhorseman.net
gpg: AES256 encrypted data
# off=548 ctb=a3 tag=8 hlen=1 plen=0 partial
:compressed packet: algo=2
# off=550 ctb=cb tag
On Thu 2015-05-14 14:23:03 -0400, Robert J. Hansen wrote:
(pubring.kbx is readable by others for a simple reason -- it's public
data!)
It may be public data, but the particular composition of your keyring is
as sensitive as the list of names in your address book, which many
people would prefer
package/enigprefs-service.js mentions that it is dual-licensed MPL-1.1
or GPL, but it doesn't indicate which version of the GPL. Other
dual-licensed parts of the codebase are explicitly GPL 2 or later (or
triple-licensed MPL-1.1|GPL-2.0+|LGPL-2.1+)
Adopting this patch (or something like it)
On Sat 2015-04-18 12:43:07 +0200, Alexander Buchner wrote:
On 18.04.2015 12:00, Olav Seyfarth wrote:
Hi Daniel,
I just noticed that https://www.enigmail.net/download/source.php seems to
contain cleartext http links for the sourcecode tarballs (e.g.
Hi enigmail folks--
I just noticed that https://www.enigmail.net/download/source.php seems
to contain cleartext http links for the sourcecode tarballs
(e.g. http://www.enigmail.net/download/source/enigmail-1.8.2.tar.gz).
I don't think https is a legitimate substitute for proper signatures
over
In a thread over on open...@ietf.org, i did a little thinking about the
UI/UX for cleartext signature verification in e-mail clients.
A thought experiment about clearsigned messages follows; i'd be happy to
hear feedback.
* For cleartext messages, what if enigmail treated a bad signature and
Hi Mike--
On Tue 2015-04-07 17:55:49 -0400, Mike Acker wrote:
1. you don't want to leave the user guessing: this is a very bad trait
in software and when it is manifest it makes the users mad. if the
signature is invalid,-- say so; if the signature does not validate the
message: say so.
On Tue 2015-04-07 16:52:51 -0400, Philip Jackson wrote:
I would prefer to have the information that the signature existed but
was broken. This provides a hint that the sender cared sufficiently
and believed that the message content deserved a signature. It is an
item of meta-data that should
1 - 100 of 238 matches
Mail list logo
