Re: [tor-bugs] #7093 [TorBirdy]: Enhance Enigmail preferences in TorBirdy

["Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>]

#7093: Enhance Enigmail preferences in TorBirdy
-------------------------+--------------------------------------------------
 Reporter:  sukhbir      |          Owner:  ioerror
     Type:  enhancement  |         Status:  new    
 Priority:  normal       |      Milestone:         
Component:  TorBirdy     |        Version:         
 Keywords:               |         Parent:         
   Points:               |   Actualpoints:         
-------------------------+--------------------------------------------------

Comment(by ioerror):

 Replying to [ticket:7093 sukhbir]:
 > Karsten N. from JonDo has brought the following points to our notice
 about TorBirdy's Enigmail preferences:
 >
 > 1: You append the hidden keyserver used for Tor to the
 >    "extensions.enigmail.agentAdditionalParam"
 >
 >    Why not using "extensions.enigmail.keyserver" for the keyserver. It
 may be possible to add more keyserver in a comma separated list if more
 hidden services are known and and let the user choose one.
 >
 >    Additional the user will see the used keyserver in the dialog and not
 the default Thunderbird keyserver.
 >

 If we find it works identically, I'm fine with changing it. However, I
 wanted to ensure that we always added it when gpg was called.

 > 2: You are using the keyserver option "no-auto-key-retrieve".
 >
 >    I did not found this option in my GnuPG documentation, only "auto-
 key-retrieve" is documented and disabled by default.
 >

 'no-' is a generic prefix to disable it. Different versions behave
 differently and so we are explicit rather than implicit.

 >    I would recommend the usage of  "--no-auto-key-locate" for
 "extensions.enigmail.agentAdditionalParam". It will do the job and avoid
 web-bug like tracking with OpenGPG keys. For key search only the local
 keyring is used with this option.
 >

 That is already taken care of, I believe.

 > 3: I got some returns of TorBirdy user. The option in the preferences
 dialog:
 >
 >     "Disable GPG '--throw-keyids' [default: enabled]"
 >
 >    is not understandable for some user. May be we can replace it by a
 more "normal" language string, something like:
 >
 >    "Put the recipient key IDs into OpenPGP encrypted messages (not
 recommended)"

 That seems fine.

 >
 > JonDo is recommending TorBirdy so we have some valuable feedback from
 that end also. If we agree to these changes, Karsten will send us a patch
 for them.


 I'm fine with 1 and 3 but 2 is just a weird gpg ism that i think we'd be
 best not to change.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7093#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs