[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #20618 [Applications/GetTor]: GetTor does not return download links when using Protonmail.com
#20618: GetTor does not return download links when using Protonmail.com
------------------------------------------------+--------------------------
Reporter: gaj | Owner: ilv
Type: defect | Status: closed
Priority: Medium | Milestone:
Component: Applications/GetTor | Version:
Severity: Normal | Resolution: not a
| bug
Keywords: GetTor, download links, protonmail | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------------------------+--------------------------
Comment (by arma):
Replying to [comment:7 gaj]:
> ProtonMail does use the encryption key in the message header by default,
and this setting can not be changed. As far as I understand, this key is
always present, and messages to other (non ProtonMail) servers are
encrypted using TLS 'if the non-ProtonMail mail server supports it' (see
https://protonmail.com/support/knowledge-base/what-is-encrypted/)
> I don't know if/how TLS is handled by GetTor?
TLS is fine and normal. TLS would mean using link encryption, when
supported, between the protonmail server and whatever mailserver it's
delivering the mail to. Yay link encryption.
But what's happening here is that protonmail is encrypting the email
message to some gpg key. How is it picking the key? It looks to me like a
surprising and broken design -- like protonmail is just picking a key at
random from the internet and making its mail unreadable to anybody who
doesn't have the corresponding private key. How do they expect that to
work?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20618#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs