encrypt if possible

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

encrypt if possible

Lukas Pirl
Dear all,

(how) can Evolution (be configured to) always encrypt emails if the
recipients' public keys are available?

There is an option to "always encrypt", but I don't have/want/need the
public keys of most of my contacts (and most of them have none anyway). If
that option is enabled, I get an error message every time sending an email to
a contact for which no public key is available. From my expectations, this is
correct behavior.

However, what I'd also expect is the availability of an option saying "always
encrypt emails when sending to contacts for which public keys are available".
Can this be achieved?

Thanks in advance and best,

Lukas

_______________________________________________
evolution-list mailing list
[hidden email]
To change your list options or unsubscribe, visit ...
https://mail.gnome.org/mailman/listinfo/evolution-list

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: encrypt if possible

Zan Lynx
On 5/6/19 12:48 PM, Lukas Pirl wrote:
> However, what I'd also expect is the availability of an option saying "always
> encrypt emails when sending to contacts for which public keys are available".
> Can this be achieved?

Thunderbird does that. But I turned it off. You may not want to do it
either.

It turns out that most people I have GPG keys available for would rather
be able to read their email through a web interface than be secure. They
only use it for sending passwords and such like.

--
                Knowledge is Power -- Power Corrupts
                        Study Hard -- Be Evil


_______________________________________________
evolution-list mailing list
[hidden email]
To change your list options or unsubscribe, visit ...
https://mail.gnome.org/mailman/listinfo/evolution-list

signature.asc (499 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: encrypt if possible

Gnome Evolution - General mailing list
In reply to this post by Lukas Pirl
On Mon, 2019-05-06 at 20:48 +0200, Lukas Pirl wrote:
> (how) can Evolution (be configured to) always encrypt emails if the
> recipients' public keys are available?

        Hi,
evolution cannot be configured to do that. I'd not do any such option,
either you want to send a secure mail or you do not. Once sending a
mail securely and once not feels wrong. And what in cases where you
send to multiple recipients and one of them doesn't have the public
key? Splitting the message and send it encrypted to some recipients and
unencrypted to other recipients feels like bad idea, thus there would
be "all or nothing", which is bad too, especially if you agreed with
the other recipients to always encrypt messages.

The way it is done currently is that you've the things under control,
you always know whether the message had been sent encrypted or not. I
prefer to have things under my control, without surprises and such.
        Bye,
        Milan

_______________________________________________
evolution-list mailing list
[hidden email]
To change your list options or unsubscribe, visit ...
https://mail.gnome.org/mailman/listinfo/evolution-list
Reply | Threaded
Open this post in threaded view
|

Re: encrypt if possible

Ángel González

The problem is, you need to send so many mails in the clear, you end up
with a default of not encrypting any.
I do think this option would be useful. I agree that selecting such
middle-ground in the menu when composing a mail makes little sense (it
may fit with other autocrypt-related changes, though) but IMHO makes
perfect sense for an account default.



> And what in cases where you send to multiple recipients and one of
> them doesn't have the public key?

IMHO you should send it in the clear. This is opportunistic encryption.
Half-encrypting the mail seems more confusing than "Sorry, it couldn't be
sent encrypted while also sending it to John"


> especially if you agreed with the other recipients to always encrypt messages.

I think that should be a setting for the Contact (like "wants HTML"), that
(independently to this proposed setting) could trigger an alert if sending in plain
to a contact marked as "always send encrypted" (not sure if it should also change
automatically a plaintext default if sending to contacts with that tag and
for which we have a key).

Best regards

_______________________________________________
evolution-list mailing list
[hidden email]
To change your list options or unsubscribe, visit ...
https://mail.gnome.org/mailman/listinfo/evolution-list
Reply | Threaded
Open this post in threaded view
|

Re: encrypt if possible

Lukas Pirl
On Fri, 2019-05-10 00:03 +0200, Ángel wrote as excerpted:
> The problem is, you need to send so many mails in the clear, you end up
> with a default of not encrypting any.

Well, the default of not encrypting is exactly why I'd appreciate an option
that enables encryption automatically if the recipient's key is available.

Every email that is encrypted is better than an email not being encrypted,
IMHO. Same with HTTP/S: I try to visit all sites using SSL but if that is not
possible, I usually accept the connection without SSL as well (but I then
know, e.g., not to enter any confidential data).

> > And what in cases where you send to multiple recipients and one of
> > them doesn't have the public key?
>
> IMHO you should send it in the clear. This is opportunistic encryption.
> Half-encrypting the mail seems more confusing than "Sorry, it couldn't be
> sent encrypted while also sending it to John"

It had to be expected that there are different opinions on this. :) I agree
that sending the email multiple times (encrypted and non-encrypted) would be
confusing.

Personally, I'd expect the error message that I see now if I tick "always
encrypt" and send an email to a recipient for which there is no GPG key
available. In other words:

1. "encrypt if a recipient's key is available" (or similar) is activated
   in the settings
2. I try to send a message to two recipients: one for which a key is
   available ([hidden email]), one for which there is no key available
   ([hidden email])
3. Evolution shows an error that there is no key available for
   [hidden email] (and ideally, that it tries to encrypt this email because
   there is a key available for [hidden email]).

But again, I see that there are the two opinions on how to handle this
situation and they are both totally valid.

One way to make transparent to the user is to make the behavior explicit in
the preferences, e.g., with a drop down menu element showing three options:

  Encrypt automatically?

    * "never"
    * "if all recipients' keys are available"
    * "if any recipient's key is available"

> > especially if you agreed with the other recipients to always encrypt
> > messages.
>
> I think that should be a setting for the Contact (like "wants HTML"), that
> (independently to this proposed setting) could trigger an alert if sending
> in plain
> to a contact marked as "always send encrypted" (not sure if it should also
> change
> automatically a plaintext default if sending to contacts with that tag and
> for which we have a key).
That'd be okay as well. Although, one could argue that after importing a key, users would also have to remember to change this setting for the contact in order to have the correspondence with that person encrypted automatically.

Best,

Lukas

_______________________________________________
evolution-list mailing list
[hidden email]
To change your list options or unsubscribe, visit ...
https://mail.gnome.org/mailman/listinfo/evolution-list

signature.asc (849 bytes) Download Attachment