That email clients cleanup #1990

2020-07-14T09:21:53Z

freddy-m commented

2020-07-14 09:21:53 +00:00

(Migrated from github.com)

Description

Resolves: #1707
Resolves: #1643
Resolves: #2112
Resolves: https://github.com/privacytools/privacytools.io/issues/2072
Resolves: https://github.com/privacytools/privacytools.io/issues/2136
Resolves: https://github.com/privacytools/privacytools.io/pull/2137
Resolves: https://github.com/privacytools/privacytools.io/issues/2141
Resolves: https://github.com/privacytools/privacytools.io/issues/1248
Resolves: https://github.com/privacytools/privacytools.io/issues/2133 - lets close this for now, as they're working on it.

Check List

I understand that by not opening an issue about a software/service/similar addition/removal, this pull request will be closed without merging.
I have read and understand the contributing guidelines.

Netlify preview for the mainly edited page: https://deploy-preview-1990--privacytools-io.netlify.app/software/email/

## Description Resolves: #1707 Resolves: #1643 Resolves: #2112 Resolves: https://github.com/privacytools/privacytools.io/issues/2072 Resolves: https://github.com/privacytools/privacytools.io/issues/2136 Resolves: https://github.com/privacytools/privacytools.io/pull/2137 Resolves: https://github.com/privacytools/privacytools.io/issues/2141 Resolves: https://github.com/privacytools/privacytools.io/issues/1248 Resolves: https://github.com/privacytools/privacytools.io/issues/2133 - lets close this for now, as they're working on it. #### Check List - [x] I understand that by not opening an issue about a software/service/similar addition/removal, this pull request will be closed without merging. - [x] I have read and understand [the contributing guidelines](https://github.com/privacytools/privacytools.io/blob/master/.github/CONTRIBUTING.md). * Netlify preview for the mainly edited page: https://deploy-preview-1990--privacytools-io.netlify.app/software/email/

dngray commented

2020-07-15 03:24:21 +00:00

(Migrated from github.com)

I'm thinking we might have a sub category for Mobile clients.. Android and iOS, because on mobile platform things like this are never multi platform.

We should also look into some iOS clients that support PGP. Realistically we should be only recommending clients that can do PGP. Tutanota being the only exception, but that's not really a client, it's a service (so I wouldn't be recommending their app on this page).

I'm thinking we might have a sub category for Mobile clients.. Android and iOS, because on mobile platform things like this are never multi platform. We should also look into some iOS clients that support PGP. Realistically we should be only recommending clients that can do PGP. Tutanota being the only exception, but that's not really a client, it's a service (so I wouldn't be recommending their app on this page).

👍 1

dngray commented

2020-07-16 07:06:58 +00:00

(Migrated from github.com)

I'm thinking Letterbox is probably a bit too experimental at the moment to be added (perhaps), it should be tested by someone with an iOS device. It seems you must side load through Testflight.

I'd probably add https://canarymail.io though, and yes I'm aware it's closed source, but you have a lot less options on iOS anyway.

I'm thinking Letterbox is probably a bit too experimental at the moment to be added (perhaps), it should be tested by someone with an iOS device. It seems you must side load through Testflight. I'd probably add https://canarymail.io though, and yes I'm aware it's closed source, but you have a lot less options on iOS anyway.

👍 1

freddy-m commented

2020-07-16 09:42:25 +00:00

(Migrated from github.com)

I think swapping letterbox for Canary Mail works, and maybe letterbox could be put under worth mentioning (unless we are trying to get rid of that)?

dngray commented

2020-07-16 10:41:31 +00:00

(Migrated from github.com)

I think swapping letterbox for Canary Mail works, and maybe letterbox could be put under worth mentioning (unless we are trying to get rid of that)?

This might be a good idea, we may make an exception here to the worth mentioning rule as it's something we want to keep an eye on.

> I think swapping letterbox for Canary Mail works, and maybe letterbox could be put under worth mentioning (unless we are trying to get rid of that)? This might be a good idea, we may make an exception here to the worth mentioning rule as it's something we want to keep an eye on.

👍 1

freddy-m commented

2020-07-16 16:18:35 +00:00

(Migrated from github.com)

Do we want to create a "Testing tools" section as mentioned in the issue? Or should that be something for the wiki/blog?

dngray commented

2020-07-17 08:41:03 +00:00

(Migrated from github.com)

Do we want to create a "Testing tools" section as mentioned in the issue? Or should that be something for the wiki/blog?

We could have a heading maybe instead of "worth mentioning" something like "Future items to be considered:" or something to that effect.

> Do we want to create a "Testing tools" section as mentioned in the issue? Or should that be something for the wiki/blog? We could have a heading maybe instead of "worth mentioning" something like "Future items to be considered:" or something to that effect.

freddy-m commented

2020-07-17 10:48:30 +00:00

(Migrated from github.com)

Hmmm, but should we try and distinguish between email clients that could be consdered, like tools such as Email Privacy Tester or some of the other things currently under 'Worth Mentioning' and 'Privacy Email Tools' ?

Hmmm, but should we try and distinguish between email clients that could be consdered, like tools such as [Email Privacy Tester](https://www.emailprivacytester.com/) or some of the other things currently under 'Worth Mentioning' and 'Privacy Email Tools' ?

dngray commented

2020-07-20 08:45:48 +00:00

(Migrated from github.com)

We don't have to mention Enigmail anymore https://blog.thunderbird.net/2020/07/whats-new-in-thunderbird-78/

👍 1

koenvervloesem commented

2020-07-20 08:57:45 +00:00

(Migrated from github.com)

We don't have to mention Enigmail anymore

I would still mention it, because OpenPGP support is not there yet: "Thunderbird 78.2, due out in the coming months, will offer a new feature that allows you to end-to-end encrypt your email messages via OpenPGP."

> We don't have to mention Enigmail anymore I would still mention it, because OpenPGP support is not there yet: "Thunderbird 78.2, due out in the coming months, will offer a new feature that allows you to end-to-end encrypt your email messages via OpenPGP."

dngray commented

2020-07-20 12:23:11 +00:00

(Migrated from github.com)

I would still mention it, because OpenPGP support is not there yet: "Thunderbird 78.2, due out in the coming months, will offer a new feature that allows you to end-to-end encrypt your email messages via OpenPGP."

ah this is true, and you need that for card reader support.

> I would still mention it, because OpenPGP support is not there yet: "Thunderbird 78.2, due out in the coming months, will offer a new feature that allows you to end-to-end encrypt your email messages via OpenPGP." ah this is true, and you need that for card reader support.

freddy-m commented

2020-07-27 14:13:56 +00:00

(Migrated from github.com)

I don't think Mailvelope deserves to be delisted. Could be but under "worth mentioning" or the proposed "Future items to be considered:" area perhaps?

I don't think [Mailvelope](https://www.mailvelope.com/en) deserves to be delisted. Could be but under "worth mentioning" or the proposed "Future items to be considered:" area perhaps?

dngray commented

2020-07-28 07:52:30 +00:00

(Migrated from github.com)

I don't think Mailvelope deserves to be delisted. Could be but under "worth mentioning" or the proposed "Future items to be considered:" area perhaps?

I'd suggest it under the desktop section actually. It underwent an audit a while back https://www.mailvelope.com/en/blog/mailvelope-4.0

Both posteo.de and mailbox.org have articles for it too:

So I would assume they support it.

It's also well documented https://www.mailvelope.com/en/help

> I don't think [Mailvelope](https://www.mailvelope.com/en) deserves to be delisted. Could be but under "worth mentioning" or the proposed "Future items to be considered:" area perhaps? I'd suggest it under the desktop section actually. It underwent an audit a while back https://www.mailvelope.com/en/blog/mailvelope-4.0 - https://sec-consult.com/en/blog/2019/08/mailvelope-bsi-improves-email-securty/ - https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvelope_Extensions/Mailvelope_Extensions_pdf.pdf?__blob=publicationFile&v=3 Both posteo.de and mailbox.org have articles for it too: - https://posteo.de/en/help?tag=mailvelope - https://kb.mailbox.org/display/MBOKBEN/How+to+set+up+Mailvelope So I would assume they support it. It's also well documented https://www.mailvelope.com/en/help

freddy-m commented

2020-08-06 17:57:55 +00:00

(Migrated from github.com)

Something about having Mailvelope amongst the other email clients seems odd, perhaps we could create a sepeate section for extensions? Seeing as it isn't an email client, it feels weird that it is in with email clients, or maybe thats just me.

dngray commented

2020-08-15 17:13:11 +00:00

(Migrated from github.com)

I'm also not opposed to adding https://neomutt.org down the bottom under worth mentioning maybe.

It is a multi platform, and I'm not against TUI clients like https://aerc-mail.org or https://meli.delivery in the future, if they gain some stability.

I'm also not opposed to adding https://neomutt.org down the bottom under worth mentioning maybe. It is a multi platform, and I'm not against TUI clients like https://aerc-mail.org or https://meli.delivery in the future, if they gain some stability.

👍 1

freddy-m commented

2020-08-15 17:31:46 +00:00

(Migrated from github.com)

I'd be ok with that. notmuchmail could also be worth considering.

freddy-m commented

2020-08-25 08:14:23 +00:00

(Migrated from github.com)

We should probably add a criteria, most likely just a copypasta of the email one but adapted for clients.

dngray commented

2020-10-15 08:18:53 +00:00

(Migrated from github.com)

I think this is looking pretty good now.

freddy-m commented

2020-10-16 07:24:42 +00:00

(Migrated from github.com)

@dngray same, however it would be good to create a criteria surely?

dngray commented

2020-10-16 10:57:41 +00:00

(Migrated from github.com)

@dngray same, however it would be good to create a criteria surely?

The issue I have with a criteria is, we test these products. Generally I don't like recommending closed source products, but we sometimes make an exception ie with CanaryMail for example.

I think the main thing we would require is that the client have support for PGP encryption, I think that's really all we can put there. We should also require mail clients support blocking of remote images, as those can be used for tracking pixels:

https://support.mozilla.org/en-US/kb/remote-content-in-messages

> @dngray same, however it would be good to create a criteria surely? The issue I have with a criteria is, we test these products. Generally I don't like recommending closed source products, but we sometimes make an exception ie with CanaryMail for example. I think the main thing we would require is that the client have support for PGP encryption, I think that's really all we can put there. We should also require mail clients support blocking of remote images, as those can be used for tracking pixels: https://support.mozilla.org/en-US/kb/remote-content-in-messages

freddy-m commented

2020-10-16 12:22:07 +00:00

(Migrated from github.com)

@dngray perhaps we should include this somewhere on the page, otherwise I think we're pretty much done here!

Also, I think we could put Enigmail under worth mentioning for desktop?

@dngray perhaps we should include this somewhere on the page, otherwise I think we're pretty much done here! Also, I think we could put Enigmail under worth mentioning for desktop?

gary-host-laptop commented

2020-10-16 13:23:01 +00:00

(Migrated from github.com)

@dngray perhaps we should include this somewhere on the page, otherwise I think we're pretty much done here!

Also, I think we could put Enigmail under worth mentioning for desktop?

I'm pretty sure that Enigmail is going to reach EOL somewhere this year since Thunderbird is adding its built in PGP support.

> @dngray perhaps we should include this somewhere on the page, otherwise I think we're pretty much done here! > > Also, I think we could put Enigmail under worth mentioning for desktop? I'm pretty sure that Enigmail is going to reach EOL somewhere this year since Thunderbird is adding its built in PGP support.

dngray commented

2020-10-21 01:49:21 +00:00

(Migrated from github.com)

I'm pretty sure that Enigmail is going to reach EOL somewhere this year since Thunderbird is adding its built in PGP support.

Redirected from Will OpenPGP cards be supported for private key storage?:

How to use Thunderbird 78 with smartcards

How to use Thunderbird 78 with smartcards

Thunderbird 78 does NOT use GnuPG by default. Instead, it uses the RNP library. The RNP library does NOT yet support the use of smartcards for secret keys.

This means, in the default configuration, Thundbird does not support smartcards. However, using smartcards is possible using an optional, advanced configuration mechanism.

If you'd like to use a smartcard with Thunderbird 78, you must perform several manual configuration steps.

We should verify this works first.

> I'm pretty sure that Enigmail is going to reach EOL somewhere this year since Thunderbird is adding its built in PGP support. Redirected from [Will OpenPGP cards be supported for private key storage?](https://wiki.mozilla.org/Thunderbird:OpenPGP:2020#Will_OpenPGP_cards_be_supported_for_private_key_storage_.3F): [How to use Thunderbird 78 with smartcards](https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards) > **How to use Thunderbird 78 with smartcards** > > Thunderbird 78 does NOT use GnuPG by default. Instead, it uses the RNP library. The RNP library does NOT yet support the use of smartcards for secret keys. > > This means, in the default configuration, Thundbird does not support smartcards. However, using smartcards is possible using an optional, advanced configuration mechanism. > > If you'd like to use a smartcard with Thunderbird 78, you must perform several manual configuration steps. We should verify this works first.

👍 2

dngray commented

2020-11-25 15:59:49 +00:00

(Migrated from github.com)

We should verify this works first.

I've verified this with 78.5 and this works quite nicely. There is a wizard that helps with conversion.

These releases included OpenPGP fixes, so it's being made 1st class:

> We should verify this works first. I've verified this with 78.5 and this works quite nicely. There is a wizard that helps with conversion. These releases included OpenPGP fixes, so it's being made 1st class: - https://www.thunderbird.net/en-US/thunderbird/78.1.1/releasenotes/ - https://www.thunderbird.net/en-US/thunderbird/78.2.0/releasenotes/ - https://www.thunderbird.net/en-US/thunderbird/78.2.1/releasenotes/ - https://www.thunderbird.net/en-US/thunderbird/78.2.2/releasenotes/ - https://www.thunderbird.net/en-US/thunderbird/78.3.0/releasenotes/ - https://www.thunderbird.net/en-US/thunderbird/78.3.2/releasenotes/ - https://www.thunderbird.net/en-US/thunderbird/78.3.3/releasenotes/ - https://www.thunderbird.net/en-US/thunderbird/78.5.0/releasenotes/

dngray commented

2020-11-26 04:56:45 +00:00

(Migrated from github.com)

Okay, so it looks like you've removed the repo that this PR merges from.

We will need another PR later to, so I'll unlink these issues from this PR.

Criteria, which really at this point can only contain OpenPGP support. Ideally I'd like to make sure things are cross-platform and open source, but that narrows the page down significantly further than what we've got. CanaryMail is closed source and MacOS only, but on Apple/iOS devices it is likely to provide the most native experience. Therefore I'm thinking we won't add a criteria as such, as it is a general guide.
https://github.com/privacytools/privacytools.io/issues/2120

Okay, so it looks like you've removed the repo that this PR merges from. We will need another PR later to, so I'll unlink these issues from this PR. - Criteria, which really at this point can only contain OpenPGP support. Ideally I'd like to make sure things are cross-platform and open source, but that narrows the page down significantly further than what we've got. CanaryMail is closed source and MacOS only, but on Apple/iOS devices it is likely to provide the most native experience. Therefore I'm thinking we won't add a criteria as such, as it is a general guide. - https://github.com/privacytools/privacytools.io/issues/2120

dngray (Migrated from github.com) approved these changes 2020-11-26 04:59:14 +00:00

dngray commented

2020-11-26 06:16:47 +00:00

(Migrated from github.com)

For some reason this didn't end up merging with master, even though the status says it did, https://github.com/privacytools/privacytools.io/pull/2142 should fix that.

This repo is archived. You cannot comment on pull requests.

No reviewers

dngray