Thunderbird to support OpenPGP encryption standard in 2020
The next major version of the open source cross-platform email client Thunderbird will support the OpenPGP encryption standard natively.
Thunderbird users may use the extension Enigmail currently to use OpenPGP functionality in the email client; this adds encryption and digital signature support to the email client to protect emails from unauthorized access (emails are transferred in plain text by default). Jack Wallen reviewed Enigmail back in 2009 and I published an updated guide in September 2017 detailing how to encrypt emails in Thunderbird using Enigmail.
The development team released Thunderbird 68 in August. Thunderbird shares code with the Firefox web browser and a consequence of that was that the team had to make changes to the extensions system just like Mozilla did when it released Firefox 57. Thunderbird 68.0 does not support certain types of classic extensions and the next major version of Thunderbird, version 78, finalizes the migration.
One consequence of the move is that classic add-ons, Enigmail being one of them, won't be supported anymore in the new version of the email client. Some extensions may be ported while others may not as it depends on API support and a developer's willingness to migrate the extension.
Enigmail is used by over 119,000 users currently and discontinuation of the extension would affect these users severely. The development team decided to explore options and one of them was to integrate the OpenPGP standard natively in the client; this would allow users of Enigmail to migrate to the built-in functionality and make encryption functionality available to all users of the email client.
Thunderbird 78, which will be released in Summer 2020, will support native encryption. Enigmail won't be compatible with Thunderbird 78 anymore. The developer of the Enigmail extension agreed to work with the Thunderbird team to implement OpenPGP functionality in the email client.
Enigmail users will get options to migrate existing keys and settings, and most things should work just like before. Whether indirect key ownership confirmations will be supported has not been decided yet.
Thunderbird 78 "will encourage" users of Enigmail to perform ownership confirmations of keys and notify the user if the key of the correspondent changed.
Encryption won't be enabled automatically for users who have not used Enigmail in the past but the team plans to integrate discovery options in the client.
A wiki page highlights the plans in detail.
Closing Words
Thunderbird 78 will support native OpenPGP standard support; that is a good thing as it unlocks encryption options to every user of the client. The original developer will work on the integration and existing users may migrate to the native solution once it lands in Thunderbird. A few uncertainties remain as the development plan has not been finalized yet.
Now You: do you encrypt your emails?(via Deskmodder)
What a nice idea! Too bad they didn’t have this feature 10 years ago.
Yes it would have been great. I still think it is a good idea to implement this natively.
I recall reading an article some years ago that the creator of PGP (Phil Zimmerman) was not actively using it because it lacked a good Mac client, but he’s not alone: even paranoid security folks I know don’t use it. If Thunderbird can simplify the tool and make it accessible (including on the Mac), it may finally see some widespread adoption. That would be amazing since this program could mean a lot more privacy and security than most people have access to.
At first glance, I thought this was a *great* idea — until I started reading the fine-print. Due to apparent conflicts between the MPL 2.0 and Gnu 3+ licenses, GnuPG will NOT be used. Also not used will be GnuPG’s key storage formats or trust parameters. Right now, I have *one* set of keyrings to worry about, those provided by GnuPG. When this is rolled-out, I will have a second set of keys/keyrings to worry about keeping updated/synchronized.
I like GnuPG; I like Thunderbird; if I have to choose between the two, Thunderbird will be the one to go.
More details at https://groups.google.com/forum/#!topic/tb-planning/7fQN0hdIvLg
PGP and Enigmail are an overcomplicated technical PITA to use for normal users, compared to typical modern encrypted communication software. I doubt that adding this natively to Thunderbird will bring many more average users to use it.
And congrats Mozilla for needlessly destroying classic Thunderbird extensions too in your Googlification process.
@Anonymous: I doubt that adding this natively to Thunderbird will bring many more average users to use it.
Enigmail users will get options to migrate existing keys and settings.
Encryption won’t be enabled automatically for users who have not used Enigmail in the past but the team plans to integrate discovery options in the client.
The plans in detail:
Thunderbird:OpenPGP:2020 | MozillaWiki
https://wiki.mozilla.org/Thunderbird:OpenPGP:2020
Now, back to the main topic: do you encrypt your emails?
Of course, one of its users.
For me, the existence of “Enigmail†has increased the value of Thunderbird.
I am therefore interested in the future of OpenPGP encryption.