On Thu, 2019-10-17 at 17:40 +0200, Patrick Brunschwig wrote: > In all cases, we certainly won't re-write GnuPG or similar. The > question > on the table is: do we continue to use GnuPG (be it directly or via > gpgme), or do we use a different OpenPGP implementation (and if yes > which one). There are certainly good arguments for both. >
I am a GnuPG user, not an expert and certainly not a developer, so you may take my suggestions with a grain of salt. Following this thread about future OpenPGP support in Thunderbird prompted me to begin trying other MUAs. Why? Because if Thunderbird implements its own OpenPGP scheme, I wonder whether it will include features I consider important like smartcard support. It is unlikely to have a configuration file like gpg.conf that enables me to fine-tune both email and file encryption. For the past couple of days I have been using Evolution. It just works with GnuPG. I don't know or care how. It encrypts, decrypts and verifies signatures. There was no set-up required. My Yubikey works because Evolution calls GnuPG instead of using a proprietary implementation. AFAIK only GPG does that. Protonmail, Mailvelope, FlowCrypt, and Mailfence do not. You could probably build in smartcard support and any other feature I can name, but why grapple with what GnuPG already does well? Why spend your time trying to head off the next security threat when Werner & Co. will do it for you? Enigmail has great features like the key manager and per-recipient rules. Focus on those. Make Thunderbird encryption easy to use for novices without driving off more experienced users. Like Enigmail, I use only a tiny fraction of GPG's commands and options. The fact that GPG can do things I find esoteric is of little concern to me, but I'm glad those features are there for people who need them. The complexity of GnuPG does not make its use complex the average users or for apps providing GPG front-ends. They simply ignore what they don't need. The only thing I see that internal OpenPGP accomplishes is saving the Windows user the task of installing GnuPG. Anyone who uses Thunderbird knows how to install software. You can probably arrange with Werner for a permanent link to the latest simple installer. Automatically check for GnuPG when Thunderbird is installed on Windows. If it isn't there, offer one-click installation. I started using Thunderbird because of Enigmail, not the other way around. I haven't been a fan of some recent developments like pEp and defaulting to "junior" mode, but I recognize their usefulness to new users and can easily work around them myself. My take on your original explanation of the reason for Enigmail's pending demise is that a changed Thunderbird plug-in scheme makes it more efficient to build Enigmail functionality into the MUA. Why not stick with that and focus on what has made Enigmail successful? Jeff Allen
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users