Future OpenPGP Support in Thunderbird

Binarus lists at binarus.de
Mon Oct 21 11:42:45 CEST 2019

On 19.10.2019 17:20, Patrick Brunschwig wrote:
>> Why not stick with that and focus on what has made Enigmail
>> successful?
> What is the reason in your eyes that made Enigmail successful?

It is the ingenious mixture of integration / ease-of-use on one hand
(setting it up (normally) is a no-brainer, including key generation and
key upload, it allows for per-recipient rules, it provides a nice GUI
for a task which actually is complex, it allows subject encryption, it
allows using hardware tokens, it provides PGP/MIME and PGP/inline, and
it integrates fantastically; heck, the PGP settings even are integrated
into the account settings, exactly where they belong!) and on the other
hand the unlimited possibilities of GnuPG (command line, configuration).

Last, but not least, we must not forget security issues. Implementing
PGP correctly is a hairy task, given the long history of security
problems in different implementations. Werner's implementation has an
excellent reputation, and it's the only one I personally trust
completely. It is exactly the division of tasks which may have
contributed to Enigmail's success more than one would imagine. After
all, email encryption users do care about the underlying engine. We all
know what we would have to expect if the TB team would rewrite the thing
itself (which you have ruled out) or would use some library which hasn't
been tested as rigorously as GnuPG.

Actually, the Enigmail / GnuPG duo is one of the best examples of how
different software parts could work together, thus increasing the
prevalence of both parts by magnitudes, pushing a technique which the
world really needs, and making it usable for the masses. Enigmail /
GnuPG is by fare more than its sum.

Each of the above reasons has made Enigmail such successful (and GnuPG,
or course).



More information about the Gnupg-users mailing list