New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Autocrypt #535
Comments
See https://autocrypt.org/en/latest/dev-status.html for implementation status. This is really to be adopted by different mail clients. Also the German mail provider Posteo already announced to support Autocrypt, too (i.e. by adding headers if needed and DKIM signing them….). Provider support is not required for Autocrypt, but clearly helps. The English blog post about this is likely to be published soon. |
Hi, I'm using Posteo webmailer and your add-on in Waterfox and was very happy when I heard that Posteo implemented Autocrypt support. Finally I would have been able to communicate in an end-to-end-encryption manner out of the box with folks using e.g. Delta Chat. I was then a bit disappointed about the fact that Mailvelope does not (yet) support Autocrypt whereas others do. Seeing that there has not yet been any response to this issue since the beginning of September made me a bit worried. So, my question is if there are any plans to implement Autocrypt support soon? Thanks |
And here it is, the English blog post of Posteo: https://posteo.de/en/blog/new-easy-email-encryption-with-autocrypt-and-openpgp-header Also the first final version 1.0 of Autocrypt specification was released yesterday: https://autocrypt.org/level1.html So there is no more reason to ignore it. ;-) |
Is this possible to implement in Mailvelope? My cursory reading of the specification suggests that sending a custom header is required, and afaik this is not possible through Gmail's web interface, to say nothing of other providers. |
Hmm, don't know. However at least the receiving part should be possible to implement, of mailvelope can read the headers of the full mail. Always talking about the api mode, of course. I doubt it is possible in the simple web interface mode. |
Decryption of received messages would already be very nice, but is it at all feasible to intercept mails sent through the Gmail web interface and send them through the Gmail SMTP server (from within Mailvelope)? |
Receiving the Autocrypt header and adding the key to Mailvelope would already be quite cool. Are there any plans to support this? Using Posteo, Autocrypt header containing my public key is automatically added when sending emails anyway. |
I assume this needs a new API. |
My understanding is that the API change would need to be supported by the webmail provider as well. Note that Posteo also provides https://wiki.gnupg.org/WKD to let others get your pubkey. This has better security propierties than autocrypt because it allows others to encrypt (without user interaction) in more cases. (It is very likely that Mailvelope will get WKD support as part of the https://github.com/mailvelope/mailvelope/wiki/mw2018 contract.) |
Ah thanks FYI. BTW your links yields a permission error. The correct one may be https://github.com/mailvelope/mailvelope/wiki/mw2018. |
@rugk thanks! (The link once worked, I've edited my comment for the flow of other readers.) |
I'm starting to work on Autocrypt support in Mailvelope. Will collaborate on this with folks from posteo as well. Roadmap so far is:
|
I heard that there has been some progress on this. Could we get an updated roadmap? :) |
Thanks for the reminder @Valodim .
These two are particularly interesting because they do not require any provider support as Mailvelope handles encryption and decryption itself. |
I see that Autocrypt is mentioned on the blog with the release of v4 of Mailvelope. However, your message here implies support is not complete yet. Could you make it clear what exactly was implemented so far, and what not? With autocrypt gossip, do you refer to the autocrypt header? Thanks for any reply :) |
I assume "gossip" here refers to the |
FTR, related issue enable by default "Use keys from Autocrypt headers of incoming email" |
https://autocrypt.org/en/latest/
Already supported by the devel branch of K-9 and Enigmail.
The text was updated successfully, but these errors were encountered: