On 8/26/20 3:12 PM, Mark wrote: > > On 8/24/2020 5:29 PM, Eli Schwartz wrote: >> Fortunately, Thunderbird will have optional support for delegating >> private key actions (decrypt, sign) to an external GnuPG keyring. This >> is primarily being advertised in order to support smartcards. However, >> GnuPG won't care whether the private key is in the keyring directly or >> used via a smartcard. ;) >> >> See https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards > > That sounds interesting, although still a bit unsure how (well) it will > work. I guess I will have to see it in practice first. > >> My understanding is that they won't be kept in sync at all, period -- >> though Enigmail's migration tool will do a one-time import from GnuPG >> into TB's internal store. >> >> This is not my ideal use case, but since I will only be using it for >> public keys, not private keys, it's not a dealbreaker for me. :) > > > So if you get a new or updated public key (after the initial > importation) it sounds like you may to jump through a few hoops to get > that make sure your public keyrings are in sync. Hopefully there will be > some sort of fix for this
Yes, but that would be mitigated by just regularly refreshing the keyring, which is pretty hands-off. The --lsign-key/--sign-key status would be a bit more bothersome to sync, but apparently things are in a state of flux there and it isn't settled whether to use the Web of Trust in Thunderbird or how to handle overloaded keyservers or new key servers that only record self-sigs. And *that's* the main thing I'm still keeping an eye on to see how it plays out. -- Eli Schwartz Arch Linux Bug Wrangler and Trusted User
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
