Re: [Evolution-hackers] Support for Autocrypt?
On Mon, 2017-12-18 at 21:25 +0100, Anna Marei wrote: > What about Evoulution? Hi, just for the record, there's filled: https://bugzilla.gnome.org/show_bug.cgi?id=792045 for it. Bye, Milan ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Support for Autocrypt?
On Wed, 2018-01-03 at 01:55 +0100, Ángel wrote: > - Adding a UI option of "encrypt with autocrypt" (?) > - Figure out how and where to implement in the composer the option to > encrypt or not, it needs querying the autocrypt backend in order to > show > a state of enabled/available but discouraged/unavailable. Which > itself > depends on the current recipients. If you'd like to review a hack, a nasty, crufty, but pretty GUI hack of the gpg binary (please god don't do this): https://inkscape.org/en/paste/11864/ It's a python script that wraps Evolution's call out to gpg to ask the keyserver for possible keys. Shows them in a GUI and adds them to a user's keyring. You might be able to play with something similar to figure out your workflow and then code it properly. A plugable encryption setup would be pretty sweet in evolution, especially if it was kind enough to other Free Software email clients to be compatible with them all. I'd have edited evolution itself, but as an Ubuntu user evolution development is very hard for us and I was never able to get it to build. Best Regards, Martin Owens Destroyer of Security ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Support for Autocrypt?
I expect that having a basic support for a *subset* of the autocrypt spec wouldn't be too hard, given that gpg support is already well-supported. The basic pieces would be: - Key creation (initially, this could be done with a separate script) - Adding your own autocrypt header on email send. - Detecting when a message was received with an autocrypt header, so that the included keys can be learned (it could be deferred until when the message is read, but if it's available earlier -eg. because the message was downloaded for checking filters-, the better). - Decryption would probably already work if the pgp key is stored at the right place. - Adding a UI option of "encrypt with autocrypt" (?) - Figure out how and where to implement in the composer the option to encrypt or not, it needs querying the autocrypt backend in order to show a state of enabled/available but discouraged/unavailable. Which itself depends on the current recipients. I am skipping for now the part for transmitting the keys between MUAs using a special message. ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Support for Autocrypt?
On Tue, 2018-01-02 at 16:32 +0100, Tobias Mueller wrote: > How feasible is it, though, to implement this as a plugin to > Evolution? > AFAIU it would need to be able to get the context in terms of what > headers the currently replied-to email has. Hi, I read the project page only briefly, and one thing there was that the client stores the GPG keys somewhere once they are received and any further communication is done encrypted (it implies to me that really any further communication, not only that single thread, but I can be wrong). Adding the header to to-be-send message is particularly easy, the composer has a signal emitted before sending. Checking which message had been replied to is tricky, that may eventually require some changes. Passing custom keys into GPG through CamelGpgContext is not doable at the moment, neither extracting the key from the key ID (there is saved only the key ID in the account preferences). The context relies on keys stored within gpg itself. Thus, rather than a plugin, it might be done directly in evolution(- data-server). Bye, Milan ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Support for Autocrypt?
On Tue, 2018-01-02 at 10:12 -0500, Martin Owens wrote: > On Tue, 2018-01-02 at 13:45 +0100, Milan Crha wrote: > > thus there's a problem with interoperability (at the moment) > > and basically no use for it in corporate environments (read: with > > Outlook users), thus definitely no high priority for me. Once you > > have > > a feature request filled you can also convince someone to work on > > it > > and provide patches. > > This is off-topic slightly, but isn't letting outlook define the > feature set of evolution like letting IE 6 define the features of > firefox? Hi, I definitely didn't want to sound that way, I swear. My idea behind the mentioning of the Outlook was rather meant to be an example of other client which does not have it (yet), but many people are still using it. The thing is that the current man power on the evolution(-data- server) is very limited, thus it's better to focus on things affecting majority, rather than minority, of the users (that's a subjective measure, I'm sorry). That's the reason why I mentioned that patches are welcome, because I'm not against the idea, I'd only prefer to review patches, than work on it myself. Bye, Milan ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Support for Autocrypt?
On 2018-01-02 12:45, Milan Crha wrote: On Mon, 2017-12-18 at 21:25 +0100, Anna Marei wrote: What about Evoulution? thus there's a problem with interoperability (at the moment) and basically no use for it in corporate environments (read: with Outlook users) Pitching it as a chicken and egg problem is a bit absurd when a user hands you an egg. Autocrypt is just a MIME header so clients that don't understand it will ignore it. The failure case is handled by the specification and so there's no real inter-operability problem here. Outlook has never taken up PGP - because S/MIME has always been pitched as the corporate secure email solution. But that shouldn't stop everyone else deploying it (and thus encouraging them to support it anyway). I'm busy with other projects unfortunately or I'd find the time to help Evolution implement it. - Philip ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Support for Autocrypt?
Hi. On Tue, 2018-01-02 at 13:45 +0100, Milan Crha wrote: > The > biggest problem is that the whole thing depends on the mail > applications, as both ends should use clients which understand the > feature, thus there's a problem with interoperability (at the moment) > and basically no use for it in corporate environments (read: with > Outlook users) Well. The spec has just been released, so I'm not surprised that the number of clients supporting autocrypt is not at its peak just yet. How feasible is it, though, to implement this as a plugin to Evolution? AFAIU it would need to be able to get the context in terms of what headers the currently replied-to email has. If it is possible indeed, then I could imagine this to be an extended internship with the GNOME community. Cheers, Tobi ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Support for Autocrypt?
On Tue, 2018-01-02 at 13:45 +0100, Milan Crha wrote: > thus there's a problem with interoperability (at the moment) > and basically no use for it in corporate environments (read: with > Outlook users), thus definitely no high priority for me. Once you > have > a feature request filled you can also convince someone to work on it > and provide patches. This is off-topic slightly, but isn't letting outlook define the feature set of evolution like letting IE 6 define the features of firefox? I understand the business case for the prioritisation. But policy wise, shouldn't the Free Software world also want to make features that aren't interoperable, but in a way that invites proprietary email clients to support them. (i.e. documenting them in a project neutral space and making sure it's using as much existing tech as possible) Best Regards, Martin Owens ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
Re: [Evolution-hackers] Support for Autocrypt?
On Mon, 2017-12-18 at 21:25 +0100, Anna Marei wrote: > What about Evoulution? Hi, you can file a feature request into GNOME bugzilla [1], but after a brief reading of their web site, they use GPG and they avoid key servers, while, from my point of view, the GPG is built on top of Web Of Trust, which they kind of break. They also claim that the way it is done is weak on Man-In-The-Middle attacks, with which I agree. The biggest problem is that the whole thing depends on the mail applications, as both ends should use clients which understand the feature, thus there's a problem with interoperability (at the moment) and basically no use for it in corporate environments (read: with Outlook users), thus definitely no high priority for me. Once you have a feature request filled you can also convince someone to work on it and provide patches. Bye, Milan [1] https://bugzilla.gnome.org/enter_bug.cgi?product=evolution-data-server > ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
[Evolution-hackers] Support for Autocrypt?
Hej there, could you implement Autocrypt in the next version of Evolution? https://autocrypt.org/en/latest/details.html It seems to make sending encrypted mails more easy. And i guess that needed to push non-technical people to use it as well. My email provider already supports Autocrypyt - their blog article is unfortunately only available in German for now: https://posteo.de/blog/neu-vereinfachte-e-mail-verschl%C3%BCsselung-mit-autocrypt-und-openpgp-header But i guess you will get all the things you need on the Autocrpyt website/documentation. Thunderbird with Enigmail and Android K9 App will support Autocrypt in their next versions too. What about Evoulution? Best wishes! ___ evolution-hackers mailing list evolution-hackers@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers