[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ESD-translators] mailvelope Re: pEp

From: Tomas Stary
Subject: [ESD-translators] mailvelope Re: pEp
Date: Wed, 25 Jul 2018 21:17:52 +0200

Hi people,

It has been brought to my attention, that many of my friends use
webmail. The concept of an email client is slowly becoming obsolete.
When I send the link to ESD website to one of my friends, she replied:

I tried to activate mail encryption, but from add-ons on my gmail, there
is no option for "Enigmail", as described on the website you sent to me.

Trying to teach those people about email clients besides of teaching
them encryption would only add to their confusion. However, I have
recently found the mailvelope browser extension (for firefox and
chrome), which integrates the encryption in webmail.

They have pretty good documentation on the website, but it is only in
English, German and Japanese.

What is your opinion on (1) mailvelope as such (2) including a manual to
mailvelope to ESD website?



Tomas Stary:
> Hi everyone,
> I've noticed that the new version (2.0.2) of Enigmail sets up Pretty
> Easy Privacy (pEp) [1] to all new users by default.
> The pEp automatically generates a keypair for all the accounts in
> Thunderbird and attaches the public key to all outgoing emails. It
> doesn't use keyservers. Instead it advises users to verify the keys
> fingerprints via other communication medium (i.e. phone call, physical
> contact). When the certificate is about to expire it generates a new key
> and starts attaching the new pubkey again.
> Also, all outgoing emails to addresses with a known key are encrypted
> and signed. A status of the communication integrity is shown based on
> the traffic-light colours.
> Another interesting feature is the possibility to securely transfer the
> private key to another connected device (phone, tablet) using the email
> server as temporary storage of the encrypted private key.
> There are some questionable changes as well. For instance, the password
> is not required to encrypt the key localy, so anyone with the access to
> the key can use it directly without the need to enter a password.
> Although, the possibility to set up one is there.
> Has any of you tested pEp already? Should we update the guide to reflect
> this change?
> [1]
> T.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]