
Add support for autocrypt spec

Open ghost opened this issue 7 years ago • 7 comments

Expected or desired behavior

Support L1 autocrypt spec by default: https://autocrypt.org/level1.html

Actual behavior

Manual configuration required for encryption.

Steps to reproduce

Nothing specific - this is RFE.

Versions of mu, mu4e/emacs, operating system etc.

Latest.

Any other detail

The nice thing about autocrypt is that it degrades smoothly when communicating with clients which don't support it. It also shouldn't interfere with the existing encryption/signing support - anything explicitly configured by the user should always be preferred. There's an interesting challenge as to how to properly implement the UI, but once it's there, it should work out of the box.

There're already several implementations available https://autocrypt.org/dev-status.html (including mobiles) so it should be rather straightforward to test.

ghost avatar Feb 08 '18 10:02 ghost

Can you explain in a few lines what this does / why one might want this?

djcb avatar Feb 11 '18 10:02 djcb

Sure. The idea is rather trivial - make email encryption ubiquitous by making it "transparent" to the users:

  • if both sides support it, then it "just works"
  • if either side doesn't, then it gracefully degrades to regular unprotected communication

More details are in https://autocrypt.org/examples.html

It's not a replacement for a proper GPG setup because initial communication is unprotected, but it's way easier to adopt for users because it doesn't require any effort in maintaining web-of-trust etc.

Somewhat lengthier write-up is in https://autocrypt.org/background.html

In short: I'd use GPG to communicate with my nerd friends, I'd use autocrypt to communicate with my girlfriend.

ghost avatar Feb 11 '18 12:02 ghost

This is now supported in the newly released Enigmail v2.0 which just hit Ubuntu.

ArneBab avatar Apr 25 '18 09:04 ArneBab

What this does in practice:

  • It adds an autocrypt header which provides the public key to be used for replies: Autocrypt: [email protected]; [prefer-encrypt=mutual;] keydata=BASE64 — this header should be added for outbound mail automatically
  • Drafts which are synced with the server should be encrypted to the sending account before syncing.
  • It can add gossip headers to encrypted MIME parts to spread keys within groups
  • It defines setup messages with symmetric encryption which make it easy to set up the same secret keys in multiple email clients, protected by a strong password.

For a practical view, see the example messages.

I hope I got all the essential information. It would be great to have this in mu4e!

ArneBab avatar Sep 20 '18 07:09 ArneBab
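
An added example, not part of the thread and not code from mu, mu4e or gmime: a receiving-side check of the Autocrypt header described in the comment above, written against this example's reading of the Level 1 spec linked in the issue. The function names and the sample messages are constructed for illustration, and the key bytes are a placeholder rather than a real OpenPGP key.

```python
import base64
import binascii
from email import message_from_string
from email.utils import getaddresses

def parse_autocrypt(value):
    """Parse one Autocrypt header value; None if invalid. keydata is only base64-checked."""
    attrs = {}
    for part in value.split(";"):
        if not part.strip():
            continue                      # tolerate a trailing ';'
        name, sep, val = part.partition("=")  # keydata padding '=' stays in val
        name = name.strip().lower()
        if not sep:
            return None
        if name.startswith("_"):
            continue                      # non-critical attribute: ignore
        if name not in ("addr", "prefer-encrypt", "keydata") or name in attrs:
            return None                   # unknown critical or repeated attribute
        attrs[name] = "".join(val.split())    # drop header-folding whitespace
    if "addr" not in attrs or "keydata" not in attrs:
        return None
    if attrs.get("prefer-encrypt") not in (None, "mutual"):
        return None
    try:
        key = base64.b64decode(attrs["keydata"], validate=True)
    except (binascii.Error, ValueError):
        return None
    if not key:
        return None
    return {"addr": attrs["addr"].lower(),
            "mutual": attrs.get("prefer-encrypt") == "mutual", "keydata": key}

def autocrypt_for_message(raw):
    """Return the single usable Autocrypt header of a raw message, else None."""
    msg = message_from_string(raw)
    senders = getaddresses(msg.get_all("From", []))
    if len(senders) != 1:
        return None                       # no sender or several: do not guess
    from_addr = senders[0][1].lower()
    valid = [h for h in map(parse_autocrypt, msg.get_all("Autocrypt", []))
             if h and h["addr"] == from_addr]   # key must be for the sender
    return valid[0] if len(valid) == 1 else None

# Constructed sample data (the key bytes are a placeholder, not a real key).
KEY = base64.b64encode(b"constructed-not-a-real-openpgp-key").decode()
GOOD = ("From: Alice <alice@example.org>\n"
        f"Autocrypt: addr=alice@example.org; prefer-encrypt=mutual; keydata={KEY}\n\nhi\n")
SPOOF = GOOD.replace("addr=alice@", "addr=bob@")
```
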

Does this information help? Do you need something more?

ArneBab avatar Sep 28 '18 19:09 ArneBab

Ah, thanks. Seems gmime 3.x already has support for this, that helps. It seems a bit non-trivial to add to mu4e though, but I'll keep this in mind.

djcb avatar Oct 09 '18 04:10 djcb

Also useful for using mu4e and deltachat at the same time https://delta.chat/en/help#can-i-reuse-my-existing-private-key

ghost avatar Oct 20 '20 15:10 ghost

There seems to be a project adding viewing capabilities to mu4e https://git.sr.ht/~pkal/autocrypt

Grauwolf avatar Jan 16 '23 16:01 Grauwolf

Thanks, @Grauwolf. I'll close the ticket here then.

djcb avatar Jan 29 '23 14:01 djcb