Decrypt messages permanently

Do you have a suggestion for a feature that you think would make Enigmail better? Post it here! Don't use this for bugs or other problems.

Postby varagar » 8th Feb 2008 22:41

Is this possible that you contact Thunderbird to be able to implement this please ??

Thanks ;-)
varagar
New user
New user
 
Posts: 2
Joined: 8th Feb 2008 18:12

Postby rjh » 9th Feb 2008 08:57

We are here to help people with Enigmail questions. That's all. If you want it done, you need to do it yourself.

I will not do it, and I think it is very rude of you to ask me to do it. If you don't feel strongly enough to do it, then why should I do it for you?
User avatar
rjh
Enigmail Team
Enigmail Team
 
Posts: 64
Joined: 21st Jul 2007 16:41

Postby varagar » 9th Feb 2008 10:23

rjh wrote:We are here to help people with Enigmail questions. That's all. If you want it done, you need to do it yourself.

I will not do it, and I think it is very rude of you to ask me to do it. If you don't feel strongly enough to do it, then why should I do it for you?


I'm sorry, I wouldn't be rude, this was only a question...
varagar
New user
New user
 
Posts: 2
Joined: 8th Feb 2008 18:12

Postby johann_p » 29th Feb 2008 21:55

I agree -- I think that a decent API for email handling and email metadata handling would be the most important thing to get done. It simply would make so many innovative and essential things more easy or even possible.

I would indeed also love to see this option in Enigmail. Apart from having the email decrypted in the save haven of my TB folder, there are other advantages, e.g. the possibility to forward the email to somebody else, e.g. re-encrypted for that person. Something that is not easily possible now, I believe.

The only way to do this now is probably using the same trick as the attachment deletion extension uses. I don't know the exact details but they do it: they remove an attachment from an email message which essentially means in-place editing.
johann_p
Novice User
Novice User
 
Posts: 5
Joined: 29th Feb 2008 19:58

Postby blah » 2nd Mar 2008 20:03

Hi,

rjh wrote:While I agree that this feature would be nice, it is unlikely to be done due to the way Enigmail interacts with Thunderbird.


Thanks for this answer! At least, now it's clear this feature won't get implemented soon and the Enigmail team is not the right contact for this feature request.

Finally, I'm only wondering why this feature was and still is on the roadmap. Why is this answer so late?

Nevertheless, I appreciate your work and thanks again for the clarification!

blah
blah
Novice User
Novice User
 
Posts: 5
Joined: 5th Dec 2005 16:11

Postby rjh » 2nd Mar 2008 20:26

I can't speak to why it took so long. I usually stay out of the forums and let other members of the team take care of it. All I can tell you is I like to see questions get answered, and when I see unanswered questions I try to answer them. :)

The reason why this feature was and still is on the roadmap is pretty straightforward... it's simpler to leave it on the roadmap and tell people "it's going to be in the pretty far future" than to constantly explain to people who want this feature why we can't do it ourselves and why we have to wait on Thunderbird.

We want it ourselves. We'd like to have it. We're hoping Thunderbird makes it possible for us to do this. If and when they do, we'll happily begin working on it in earnest. :)
User avatar
rjh
Enigmail Team
Enigmail Team
 
Posts: 64
Joined: 21st Jul 2007 16:41

Re: Decrypt messages permanently

Postby mortoray » 11th Jul 2008 12:45

Okay, I'm trying to see what the Thunderbird team has to say:

http://forums.mozillazine.org/viewtopic.php?f=30&t=734195
mortoray
New user
New user
 
Posts: 2
Joined: 28th Mar 2006 12:56

Re: Decrypt messages permanently

Postby mortoray » 13th Jul 2008 08:38

So could this be done the same way in which the "Delete Attachments" extension modifies the messages? It is capable of removing attachments, which I would suspect is the same level of functionality needed to decrypt the message. One reply on the thunderbird thread indicates they might just create a new message and delete the original one (I suspect most people would also be okay with that)

The addon:
https://addons.mozilla.org/en-US/thunderbird/addon/556
mortoray
New user
New user
 
Posts: 2
Joined: 28th Mar 2006 12:56

Re: Decrypt messages permanently

Postby consistency » 2nd Oct 2008 01:03

hello,

i also "vote" for this, very important, feature.

in the moment i use gpgrelay (http://gpgrelay.sourceforge.net/, http://sites.inka.de/tesla/gpgrelay.html) for this feature, which makes enigmail obsolete.
but enigmail would be the preferred choice for me, because it is still developed and its much better integrated in thunderbird.

what about the comment from mortoray, is there no way to solve this issue from the addon layer?
the mentioned addon for attachment deletion should have the same level of mail manipulation as the requested feature.

shane wrote:Decrypting something permanently is potentially bad security practice. For you or I it's fine, because we know that the messages can now be compromised locally, but for novice users there could be a grey area. They might not understand that permanent decryption really means the message is exposed.

i think thats not the point, security must be easy to handle, if it is not easy an has no good interface, its simply not used by regular users. i fiddled around with gpgrelay and it works, but it don't gets me any further if i am the only person who uses encryption. why? because it's too difficult. so encryption should be very easy to handle.

so why the local decryption is nessessary:
people won't use security measures if they can't search their mail, can't easily access it, access the email after a system crash where they have backuped the mails but not the gpg keys (thats not unrealistic, often they ask me for their passwords because they only saved them in the mail program).

we all know the most secure computer is one which is not on the internet and has no floppy, no dvdrom, no usb slots and no monitor. but we need to work on pc's so they have to on the net. so we have to make a good compromise between security and usability.

i think security is important, but sometimes you have to compromise.

what is better, if we say no all email programms cannot save the pop/smtp password, which simply leads to more stupid passwords or even no passwords or if we allow to save passwords but have at least no mail server without password on the internet.

its the same for localy decrypted emails. i think it is better to allow every user to save unencrypted mails on their computer (where all importend excel/word files gets stored unencrypted anyway (no regular users are not used to truecrypt)) but at least have it secured over the very insecure internet-transport way.
what is better, everybody sending around postcards with sensible information on it, or send sealed letters which lie around open in the office after unsealed? also i dont store my letters in a safe, i just put them in a folder. i trust my colleagues in the office, but i don't trust people sniffing my plain packets traveling over the internet

also it would be good, to allow to store the passphrases of keys in thunderbird. i think a key with a passphrase is better, than a key with no passphrase (pp). if i have no pp someone only needs the keyfile, with a passphrase he also needs the correct thunderbird file where the pp is getting stored and he needs to crack the simple encryption the pp is protected with. of course it it more secure if you use a long pp and always enter it by hand, but the middleway is to add a pp manager to enigmail/thunderbird. i installed a customer enigmail with a key with pp and added the "--passphrase mysecretpassword" (dont sure if i remember the name correct) parameter to the default parameters. which is rather unflexible, you can only have one key with pp in use.

blah wrote:When someone gets into encrypting messages he/she will need to have at least some basic knowledge what's going on. Pointing out this situation in a user manual and deactivating this feature in the default installation should be enough IMO.

i totally agree with you.

blah wrote:I'd like to have that feature, too. Messages and other content can also get encrypted on the hard drive, so for me there is no use in encrypting it twice. Also, it's easier to handle my e-mails if they are stored unencrypted in my folders.
The lack of this feature is a reason why I can't use Enigmail at the moment.

same for me

Adam wrote:I'm not entirely sure if this is a good idea based on the aim of encryption. This would be especially problematic in a corporate based environment where computers were shared and previously encrypted email would be available for virtually anyone to read.

how much emails are getting encrypted? 5%? 1%? 0,1%? i dont know, but as i mentioned above, its better to have not encrypted emails on a workstation (which often is behind a company firewall), than plain email communication over the internet. so adding this feature would be a step in the right direction.
also you have to see, that many people put their very very strong password ("qwerty") on a post-it on the monitor. that's reality.

it makes no sense to be on the binary trip (black/white) full encryption/no encryption. lets take the gray way :)
so don't work against encryption, work for it. if you work for it, it is important that is handy to use.

rjh wrote:What people are asking for here is "blow away the old copy of my email on the IMAP server and replace it with a new email containing the decrypted information of the old email." This involves a lot of email access issues: access, deleting, uploading, etc. This is stuff Thunderbird does, and stuff Enigmail very explicitly does not do.

POP access is little different. "Blow away the old copy of my email in the mbox file and replace it with a new email containing the decrypted information of the old email." The same issues arise.

to imap i can't really say something, have not used it. so my statements refere only to pop. also i don't know how thunderbird and the plugin works in detail, so don't be too strict with me.

there should nothing be done with the message on the mailserver, the messages on the mailserver should always stay encrypted. only the local messages should be permantently decrypted. so it should work like a local filter/parser.

server > download > decrypt > inbox
or
server > download > inbox > click > decrypt

reupload is not nessesary and would be real insecure, because the plain message is getting uploaded over the internet

rjh wrote:While I agree that it would be nice if Enigmail did this, supporting this would likely introduce vast amounts of complexity to the Enigmail code. However, if Thunderbird could export an API we could use which would allow us to easily manipulate mail data, then we could support it pretty easily.
I guess the ultimate answer is "if you want this feature, you need to ask Thunderbird, not us." Sorry. :(

it would be great if you can take this in your hand, neither if you implement it directly in enigmail nor if you directly contact the thunderbird coding team.

i think your chances are much higher, as if i try to contact the coding team. if you and your codeingteam will contact them, they may listen to you. simply because you are not nobody.

from my point i think you both, the enigmail and the thunderbird team, have a very important duty, protect the normal user from "data-profiling". for me, i don't have secret stuff in my email, but i would instantly use encryption if the people which i write emails to / get emails from would use it.
why? thats easy, i really don't like getting "profiled". so if my provider wants to parse and profile my email, i just can say "parse this - protected by gpg".

hope you and your team will think about it. safe the world! :)

so far
julian

edit: typo
Last edited by consistency on 10th Apr 2009 14:05, edited 1 time in total.
consistency
New user
New user
 
Posts: 1
Joined: 10th Sep 2008 22:01

save uncrypted / save sent uncrypted

Postby Boris » 17th Oct 2008 12:24

Hej all,

I am using Thunderbird (correct: Icedove) with Enigmail on Debian since years with best experiences. So this is the right time to give a big Thank You to everybody working on this. Great Software!

Allthough the whole encrypting, signing etc. works quite seamless I find the following feature to be missing:

I suggest to have an option to save local mails unencrypted, when sent and received crypted.

I suspect this might be a lack in security for some but here are the reasons to want this feature:

- Thunderbird cannot search through crypted mails.
- One cannot see if there's an attachment or not until the mail is decrypted.
- Once the pubkey is changed or lost or whatever makes a change necessary, the mails are not longer decryptable.

What do you think?

Boris
Boris
New user
New user
 
Posts: 1
Joined: 17th Oct 2008 10:29

Re: save uncrypted / save sent uncrypted

Postby dan » 17th Oct 2008 16:40

Good points, but this feature has already been requested in another thread: viewtopic.php?f=9&t=34

EDIT: Topics merged.
User avatar
dan
Experienced user
Experienced user
 
Posts: 104
Joined: 3rd Sep 2008 13:25
Location: Geneva, Switzerland

Store decypted mail unencrypted

Postby martin816 » 4th Oct 2009 20:14

Hi @all,

first of all thanks for this software!

I'd like to discuss a feature which I really miss and which would convice some of my colleagues and friends to use enigmail, too.
If you like to read old mails from your mail-archive you'll need your private key to decrypt these. If you change your key on a regular basis you'll have to store all keys to read old mails encrypted with these keys. Maybe I missed something, but imho there's no way to store a mail unencrypted in thunderbirds mailfolder just along with all other (unencrypted) mails I received, right?

What do you think about implementing this function?

Greetings from Hamburg
Martin
martin816
New user
New user
 
Posts: 1
Joined: 30th Sep 2009 19:32

Re: Store decypted mail unencrypted

Postby jmoore3rd » 4th Oct 2009 21:29

This 'Feature' is suggested periodically. The last time was November 26, 2005 [http://www.mozilla-enigmail.org/forum/viewtopic.php?f=9&t=34] and the 'discussion' carried on through February 2006. :D I would not want such a feature. Once a Message is stored unencrypted it is vulnerable to compromise either by anyone who has access to the computer or by a malware application that 'forwards' stored Email's from the MUA.

The usual reason most folks desire the ability to store Read Email unencrypted is to make it easier to Search the Mail Folders. My Threat Model is such that the hassle of manually searching saved Email's is insignificant when compared to the risk of having same Email's compromised. :roll:

JOHN :wink:
Timestamp: Sunday 04 Oct 2009, 16:29 --400 (Eastern Daylight Time)
"If there are no dogs in Heaven,
then when I die I want to go
where they went." - Will Rogers
User avatar
jmoore3rd
Enigmail Team
Enigmail Team
 
Posts: 72
Joined: 5th Dec 2005 13:39
Location: Atlanta, GA USA

Re: Store decypted mail unencrypted

Postby dan » 5th Oct 2009 15:48

I have appended the OP topic to the list of merged posts about this feature request.
User avatar
dan
Experienced user
Experienced user
 
Posts: 104
Joined: 3rd Sep 2008 13:25
Location: Geneva, Switzerland

Re: Decrypt messages permanently

Postby dan » 9th Oct 2009 16:57

This feature request seems very popular so I wrote a FAQ entry about it: viewtopic.php?f=10&t=637&start=0
User avatar
dan
Experienced user
Experienced user
 
Posts: 104
Joined: 3rd Sep 2008 13:25
Location: Geneva, Switzerland

PreviousNext

Return to Feature Requests