Future OpenPGP Support in Thunderbird

Robert J. Hansen rjh at sixdemonbag.org
Sat Oct 12 08:23:48 CEST 2019


> Why the heck don't they just run gpg the way enigmail did?

Three major reasons:

1.  License incompatibility.  GnuPG is GPLv3, and Mozilla uses the
Mozilla Public License.  They're not compatible.  Arguably (and I
believe _correctly_) distributing GnuPG with Moz wouldn't be a
dealbreaker, as mere aggregation is different from actually linking, but
lawyers are by nature conservative.  Moz has already said their lawyers
won't let them do this.

2.  Dependencies.  Mozilla will not accept responsibility for users
doing foolish things with their gpg.conf files, because those users will
expect Mozilla to fix it for them.  It's a dealbreaker.  This is also
why Mozilla has declared they won't even support using GnuPG keyrings --
they're going to insist on running their own keyring internal to
Thunderbird which isn't shared with anything else.  (I imagine
*importing* from a GnuPG keyring will be supported, but *sharing* a
keyring is right out.)

3.  Enigmail has shown them the limitations of GnuPG.  The Efail attack
on Enigmail was very real.  It was created by an ambiguity in how GnuPG
returns error states: just because GnuPG says "decryption OK" doesn't
mean it was decrypted okay.  (Whether Enigmail should've understood
this, or whether GnuPG should have not returned such an ambiguous
message, is an open question and not one I'm interested in discussing.)
 Rather than repeat Enigmail's interface, which historically had its
fair share of security problems, Mozilla has decided to go a different
route.

More power to 'em.  I love Enigmail, but it's the nature of all software
that at some point we learn how to do things better.  When we learn how
to do things better, we should elect to do them better rather than stay
mired in the past.

(... and that principle, applied to OpenPGP, suggests throwing out a
whole lot of cruft.  Which is another open question I'm not interested
in discussing, except to throw it out there for people to think about.)
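
The ambiguity described in reason 3, as an added example that is not part of the original message and is not Enigmail's, Thunderbird's or GnuPG's code: a caller reading `gpg --status-fd` output that refuses to release plaintext on `DECRYPTION_OKAY` alone. The acceptance policy, the function names and the sample status transcripts are assumptions constructed for illustration.

```python
# Added example: fail-closed reading of `gpg --status-fd` output.
PREFIX = "[GNUPG:] "
FATAL = {"DECRYPTION_FAILED", "BADMDC", "NODATA"}

def parse_status(text):
    """Return the status keywords, in order, from status-fd output."""
    keywords = []
    for line in text.splitlines():
        if line.startswith(PREFIX):
            fields = line[len(PREFIX):].split()
            if fields:
                keywords.append(fields[0])
    return keywords

def may_release_plaintext(status_text, exit_code):
    """Assumed policy: every check must pass before plaintext is shown."""
    seen = set(parse_status(status_text))
    if exit_code != 0:
        return (False, "non-zero exit code")
    hit = sorted(seen & FATAL)
    if hit:
        return (False, "failure status: " + ", ".join(hit))
    if "DECRYPTION_OKAY" not in seen:
        return (False, "no DECRYPTION_OKAY")
    if "GOODMDC" not in seen:
        # "decryption OK" without an integrity verdict is not enough
        return (False, "no GOODMDC: integrity not verified")
    return (True, "ok")

# Constructed transcripts (not captured from a real gpg run).
GOOD = """[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_INFO 2 9
[GNUPG:] PLAINTEXT 62 1570861428
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION"""
NO_MDC = """[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_INFO 0 9
[GNUPG:] PLAINTEXT 62 1570861428
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] END_DECRYPTION"""
TAMPERED = """[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_INFO 2 9
[GNUPG:] PLAINTEXT 62 1570861428
[GNUPG:] BADMDC
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION"""

if __name__ == "__main__":
    for name, text, rc in [("good", GOOD, 0), ("no-mdc", NO_MDC, 0), ("tampered", TAMPERED, 2)]:
        print(name, may_release_plaintext(text, rc))
```

For the check to mean anything, the caller has to buffer gpg's output and hand it to the mail renderer only after gpg has exited and the check has passed.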



More information about the Gnupg-users mailing list