[Feature Request]: PGP Encryption / GPG Support / Keybase #25
Comments
bengotow
changed the title
|
Hey @heywoodlh — thanks for reaching out! There used to be a Keybase plugin for Nylas Mail that added GPG encryption to the app, and theoretically it /should/ still mostly work. In a few months, Mailspring will have a plugin browser built into it and I think it'd be great to have an encryption plugin in there. If anyone has some time to dive in to this, it'd be great! |
|
In OS X I can't use the menu to install plugins. Is there any way for me to install the plugin manually in Mailspring? I would totally love to dig into it and report back. |
|
Oh wow - yeah, it just... doesn't work. I'll see if I can get that fixed. In the meantime, if you want to install a plugin open |
|
Perfect, thank you for the quick responses. I'll work on getting that plugin installed and see how it goes. |
|
I found an open source N1 PGP plugin called Cypher and forked it here. I placed it in ~/Library/Application Support/Mailspring/packages/ and when I run MailSpring I get an error in the developer's console stating that it cannot find the module 'nylas-export'. Not sure where that module is, as I cannot seem to find it in the original Nylas Mail repository, in the Mailspring repo, or in the cypher repository that I forked. Attached is a copy of the error log: I am submitting this here to ask for additional help as I am not a developer and I think this would really be a great feature to add to Mailspring. I opened an issue on the repository I forked here. Any help fixing this would be appreciated. :) |
|
Probably due to "disabledPackages": [
"message-view-on-github",
"personal-level-indicators",
"phishing-detection",
"nylas-private-salesforce",
"github-contact-card",
"keybase",
"composer-markdown",
"composer-scheduler",
"composer-mail-merge",
"send-and-archive",
"main-calendar"
] |
|
@buildersbrewery I'll have to take a look at that tomorrow. Do you have a proposed solution? |
|
S/MIME support would also be a nice feature to add. :) |
|
👍 for re-adding keybase integration in the future again. |
|
Would love to see keebase/gpg support! |
|
Just as a note, once gpg support is working, I'll become a paying customer. |
…76#25) * Implementing a descending order view of the message list * Moved the option under the reading section in preferences and changed the wording of the option * Forgot to update .gitignore
|
I also need this to fully migrate away from firefox. |
|
Any news on this feature? |
|
Would also love to see this feature. I know Keybase has an open source javascript implementation of PGP (https://github.com/keybase/kbpgp), I even helped implement some features (signing, signing and encryption) onto a website you can find here: https://thechiefmeat.github.io/pgp/ Seeing as the client uses quite a bit of Javascript already, you should be able to implement kbpgp into the client, I'd even help out if that meant getting this feature done :) |
|
Another +1. I could repeat many statements from the above comments. This is a very important feature for Mailspring to get more users/customers. |
|
And another +1. Really looking forward to this feature, so I can use Mailspring as my only mail app. |
|
+1. I've been looking for a good looking email client that supports PGP encryption. If Mailspring starts supporting this it would be the perfect mail client. |
|
Me too! That said, it's a bad day for GPG: |
|
The EFF and the authors of that paper are doing PGP a disservice. There are some bugs in handling decryption failures in various email clients, PGP itself is mostly fine. |
|
In this case it is related to the email encoding and HTML features (sadly Mailspring allows only HTML, no plain text only right now). That is a serious issue and not just a simple implementation glitch and has nothing to do with the PGP algorithm being good or not. EFF seems right to recommend to switch GPG / S/MIME off completely in the clients. Sadly. |
|
Another +1 for GPG. |
|
+1 |
1 similar comment
|
+1 |
|
Any news on this? Doing a test drive of the email client and this is a must for me. |
|
@bengotow Has there been any movement on this? It's a very important thing to be able to do, given just how holey the global email infrastructure actually is. I tried to load the old Nylas plugin, but nothing visible happens when I do. The disabled EDIT: It does enable, though. No errors in the console.
|
|
@RaitoBezarius fork it would be the best option regarding mailspring team decision not taking any action for so long about this extension importance. Unfortunately I as System Administrator do not have the right professional experience as Software Developer to take this role. Anyone who will, will be highly appreciated. |
|
sidenote: for whoever wants to tackle mailspring/PGP integration ...
- there is an active PGP implementors community around https://autocrypt.org
- several MUAs support Autocrypt (eg Thunderbird/enigmail, K-9 mail,
mutt, Delta Chat, Balsa, ...)
- the Autocrypt UI is pretty minimal
…On Tue, Jan 21, 2020 at 10:41 -0800, klention wrote:
@RaitoBezarius fork it would be the best option regarding mailspring team decision not taking any action for so long about this extension importance. Unfortunately I as System Administrator do not have the right professional experience as Software Developer to take this role. Anyone who will, will be very appreciated.
Regards
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
#25 (comment)
|
|
I am a React.js longtime developer so I think I could hack the feature
given enough time, I'm also very interested into having plaintext emails
which is another feature request.
But to be honest, I don't think I can pull it alone, I'd be glad if at
least someone else would lend me an hand just for some peer review.
If you guys are that interested into that, I'll try to see what how much
effort that would take and try to come up with a plan.
To be honest, I'm super interested into this too, I hate having two emails
clients because of this for now.
…On Tue, Jan 21, 2020, 19:47 holger krekel ***@***.***> wrote:
sidenote: for whoever wants to tackle mailspring/PGP integration ...
- there is an active PGP implementors community around
https://autocrypt.org
- several MUAs support Autocrypt (eg Thunderbird/enigmail, K-9 mail,
mutt, Delta Chat, Balsa, ...)
- the Autocrypt UI is pretty minimal
On Tue, Jan 21, 2020 at 10:41 -0800, klention wrote:
> @RaitoBezarius fork it would be the best option regarding mailspring
team decision not taking any action for so long about this extension
importance. Unfortunately I as System Administrator do not have the right
professional experience as Software Developer to take this role. Anyone who
will, will be very appreciated.
> Regards
>
> --
> You are receiving this because you are subscribed to this thread.
> Reply to this email directly or view it on GitHub:
>
#25 (comment)
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#25?email_source=notifications&email_token=AACMZRHL3L4OUMRBHTDJGQDQ647NBA5CNFSM4D5Y2SP2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEJQ2D7I#issuecomment-576823805>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AACMZRFFY54O72F2DVCS3SLQ647NBANCNFSM4D5Y2SPQ>
.
|
|
I too, would support a fork. Not sure I would be able to contribute my time, but privacy-focused mailspring sounds wonderful. However, how would the fork deal with the underlying sync engine mailspring runs off of? AFAIU, that is still closed-source.
not sure how large of an undertaking that is, or if there are any alternative engines to use. |
I don't think you could do PGP Encryption without supporting plaintext which is maybe why the dev's haven't focused on it. But I think being able to support plain text is likely the starting point. Unfortunetly I don't have time atm and last time I tried mailspring couldn't handle the volume of email i have to pull and filter. |
I agree ; for now, we can focus on adding nice privacy oriented features on the frontend, Mailspring has planned to open source the engine so we can hope they will honor their words, otherwise: Not only they just ignore feature requests for years, ignore requests to some pointers to implement ourselves some features (I asked many times, how should we go to add this feature and contribute back to upstream, they just ignore it), and eventually they lie to everyone.
Plaintext is a must, indeed. That's why I have #52 as priority first, then this feature. |
|
Hey folks! Going to merge #940 and #1240 into this so we can track interest in this feature in one place. I think this is definitely doable — I was hoping the community might pick up one of the old plugins and get it working because I don't know much about encryption, but I think it'd take a lot of debugging and tweaking. (We moved the whole app to TypeScript which complicates the use of the old CoffeeScript plugins from Nylas N1 a bit.) It should be possible to implement this as a plugin in the Mailspring UI—I think there's some separate interest in a privacy-focused fork removing the Mailspring ID concept, etc., but I'd encourage folks to create a bogus Mailspring ID during sign up and then block id.getmailspring.com if you're concerned about telemetry or pro features. Rolling an encryption / message signing plugin into the mainline app will make it accessible to a lot more folks! (If you don't use the pro features like link tracking everything should work fine with the hostname blocked - we also don't do any email verification when you create a Mailspring ID, so you can use something totally fake if you'd like.) I think @RaitoBezarius is right that plaintext composing is probably step 1 here. That's been on the backlog for a long time and I can look at getting that implemented since it'll take a few changes to the SMTP requests and MIME building. Beyond that, I'd love to collect some specific feedback / info from everyone who has used message encryption before, since I don't know much about it.
|
|
On Mon, Feb 17, 2020 at 09:09 -0800, Ben Gotow wrote:
- Is there a gold standard plugin for Thunderbird, etc. that we can look at or clone?
The most popular (and complex) TB e2e-encrypting e-mail plugin is "Enigmail" --
it implements a variety of key management and encryption UX.
It has grown for over 15 years and is intimately tied to Thunderbird.
A fresh and simple plugin is @Valodim 's Thunderbird plugin
https://github.com/autocrypt-thunderbird/autocrypt-thunderbird
which adds a minimal UX and has no dependencies on gpg or keyservers.
Vincent is also co-authoring OpenKeyChain and K9-mail on Android.
This plugin can e2e-encrypt e-mails with a growing number of MUAs
(including enigmail), see here https://autocrypt.org/dev-status.html
Myself, i am coming from the https://delta.chat project, an e-mail based
chat messenger and we are also compatible with all of the listed implementations.
The https://autocrypt.org effort is driven by MUA implementors who specify both
UX and wire mechanics so that people can use e-mail encryption without the decade
old annoyances regarding mis-managing keys.
- Can we focus on /signing/ messages and checking message signatures, or is there significant interest in message encryption as well? My understanding is that most corporate / government environments want S/MIME based message signing, not encryption (which forces the recipient to decrypt the message.)
I guess that depends on the user base you want to cater to -- pretty sure that
individuals rather want e2e-encryption and not just signing.
- How should the plugin manage YOUR private key / certificate for each email account? We could allow you to specify the path to your key or try to read it out of the system config / keystore in some way, but I really want to support all three platforms and integrating with other apps might make that tricky.
- How should the plugin retrieve OTHERS public keys? This is the part of message encryption / signing that has always been rough I think.
Both are non-issues with Autocrypt which transfers and accepts keys in MIME headers.
For more info https://autocrypt.org and the referenced "Level 1" doc --
FYI Level 2 efforts are soon starting aiming to protect against active attacks,
i.e. prevent providers from undermining e2e-encryption between its users.
|
|
Thank you for taking seriously privacy, @bengotow ; if we can lend a hand, let us know.
There is actually something called GPGME which is often used in some tooling (Mutt/NeoMutt can use it for example): https://gnupg.org/software/gpgme/index.html It could be used if that's required. |
|
In no case should Mailspring manage the keys. Linux has gpg directly on board, Mac and Windows can install it after.
The latter is actually the standard in all major apps (Enigmail) by now. It also verifies that the email really exists and exceeds old keys, so that there are not 5000 keys from a user. I think no matter how you do it now, everyone has different requirements. Some will be satisfied with signing with certificates, but some will definitely want to encrypt with PGP. Order the Autocrypt as already mentioned. |
|
Got to have this feature! is anyone awake at Mailspring? |
|
I really want this feature too, the lack of PGP support is preventing me and many people I know to switch to Mailspring from Thunderbird. Is this feature on the roadmap? |
|
any news regarding PGP support? love the interface but without PGP support I have to switch back to other client |
|
Any update with this please ? |
|
+1 |
|
Please do give us an update on PGP encryption. This is at the very top of many users or potential users' list of vital features for a web client. Thunderbird now supports PGP encryption natively (although it could already support it before with the Enigmail plugin). I think Mailspring is superior to Thunderbird in almost every way, but the lack of PGP encryption sticks out like a sore thumb in an age where more and more users are deeply concerned about privacy. |
|
Outside of some commits related to Office 365 accounts in August, there hasn't been much work on Mailspring in the past couple of months...😢 |
|
Maybe this plugin could help? mailspring-keybase |
|
+1 from me as well. Now that the new Thunderbird versions are shipping with basically broken PGP support, I looked for some alternative mail client to use. Unfortunately, I ended up here and found that PGP isn't supported :-( |
|
Evolution works. But ug.
…On Oct 30 2020, at 8:00 am, rgpublic ***@***.***> wrote:
+1 from me as well. Now that the new Thunderbird versions are shipping with basically broken PGP support, I looked for some alternative mail client to use. Unfortunately, I ended up here and found that PGP isn't supported :-(
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub (#25 (comment)), or unsubscribe (https://github.com/notifications/unsubscribe-auth/AAWRAA6AW5GYHI34P4RB3A3SNLII7ANCNFSM4D5Y2SPQ).
|
|
PGP and S/MIME for corporations is a must have. No doubt |
This comment has been minimized.
This comment has been minimized.
|
Project is not dead. 2020 happened is all. Project owner replied to #2231. In any case, I too need this feature. |
|
This issue has been mentioned on Mailspring Community. There might be relevant details there: https://community.getmailspring.com/t/pgp-encryption-gpg-support-keybase/83/1 |
|
Hey everyone, This is something both @bengotow and I would love to see, but we really need some members of the community to step up and help us implement this! We are in the process of migrating issues to Discourse, which can better facilitate discussion and discovery, and so GitHub Issues can focus on issues that are confirmed and slated for resolution in the near term. Learn more about the changes here. As part of this, we've migrated this issue to Discourse: https://community.getmailspring.com/t/pgp-encryption-gpg-support-keybase/83 Please consider joining that community and continuing the discussion there! We hope to see you on Discourse soon! -The Mailspring Team |
and others
Can I use GPG to encrypt email in Mailspring yet? Couldn't find anything in the KB and I also couldn't use any plugins to add the functionality myself.
I would have checked out the roadmap to see if there was a plan to implement this but it doesn't seem to be public. #
The text was updated successfully, but these errors were encountered: