Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. users
Re: [Enigmail] Future OpenPGP Support in Thunderbird
hernani.marques at pep
Oct 8, 2019, 9:57 AM
Post #1 of 2 (166 views)
Permalink
On 08.10.19 18:37, Dmitry Alexandrov wrote:

> Pity, but I hope it will be better that way. In particular I hope, that Mozilla will not follow your example and won’t entice users to proprietary isolated keyserver [0] instead of distributed SKS network thus splitting the keybase. And won’t promote standards [1] that suspiciously resemble embrace-extend-and-extinguish tactics employed against PGP either.
>
> [0] https://keys.openpgp.org
> [1] https://pep.security
pEp is not against PGP, it's just PGP-supporting as much as it makes
sense for interop reasons and goes beyond email already today; and it's
designed from the very beginning on to support other crypto as well
(agnosticism on messaging & crypto).

--
p?p foundation: https://pep.foundation/

Attached Files:

Re: [Enigmail] Future OpenPGP Support in Thunderbird [ In reply to ]
gnupg-users at gnupg
Oct 8, 2019, 11:39 AM
Post #2 of 2 (166 views)
Permalink
"Hernâni Marques (p?p foundation)" <hernani.marques@pep.foundation> wrote:
> On 08.10.19 18:37, Dmitry Alexandrov wrote:
>
>> Pity, but I hope it will be better that way. In particular I hope, that Mozilla will not follow your example and won’t entice users to proprietary isolated keyserver [0] instead of distributed SKS network thus splitting the keybase. And won’t promote standards [1] that suspiciously resemble embrace-extend-and-extinguish tactics employed against PGP either.
>>
>> [0] https://keys.openpgp.org
>> [1] https://pep.security
>
> pEp is not against PGP it's just PGP-supporting as much as it makes sense for interop reasons

Well, I’m glad to hear that, but it’s really a pity, that supporting Autocrypt does not make sense for you.

> and goes beyond email already today; and it's designed from the very beginning on to support other crypto[formats] as well (agnosticism on messaging & crypto[format])

A double pity in light of your decision to not only support but actually _prefer_ other cryptoformats over PGP whenever possible for the sake of ‘forward secrecy’ [1] — that’s when Autocrypt is exactly the extension to PGP that can provide forward secrecy, if needed.

[1]
| How does p?p select the most secure way of sending an email or a message?
|
| When a p?p user is communicating with another p?p user:
|
| 1. if online communication available: OTR through GNUnet.
|
| 2. if online communication not available:
|
| a. if anonymizing platform available, OpenPGP through anonymizing platform (i.e. Qabel),
|
| b. if anonymizing platform not available, fallback to OpenPGP.
|
| When a p?p user is communicating with a non-p?p user then depending on the capabilities of the non-p?p user:
|
| 1. if anonymizing and forward secrecy is possible, use that (i.e. OTR over GNUnet).
|
| 2. if anonymizing but no forward secrecy is possible, use that (i.e. OpenPGP over Qabel).
|
| 3. if forward secrecy is possible, use that (i.e. OTR).
|
| 4. if hard cryptography but no forward secrecy is possible, use that (i.e. OpenPGP)
|
| 5. if only weak cryptography is possible, use that (i.e. S/MIME with commercial CAs)
|
| 6. send unencrypted.
https://www.pep.security/en/faq/

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal