sequoia-octopus-librnp has landed in Factory
This is a drop-in replacement for the RNP library supported and shipped by Thunderbird. This project is called the Octopus, because octopuses can fit
Hello! Are you annoyed by having a PGP keyring in Thunderbird separate from your ~/.gnupg? There is a solution! The MozillaThunderbird package has now a new subpackage MozillaThunderbird-openpgp-librnp. This isn't that much exciting by itself, but it can be replaced by sequoia-octopus-librnp, that has just landed in Factory. Quoting from https://gitlab.com/sequoia-pgp/sequoia-octopus-librnp : themselves in unusual places, and in this project we reimplement the RNP API as used by Thunderbird using Sequoia. The package MozillaThunderbird-openpgp-librnp should be installed by default and installation of sequoia-octopus-librnp should always be an explicit action. If that's not the case, please raise it up.
On 28.03.24 10:22, Adam Mizerski via openSUSE Factory wrote:
Hello!
Are you annoyed by having a PGP keyring in Thunderbird separate from your ~/.gnupg? There is a solution!
You are my hero :-) Is there any documentation availabe how to make sure that all openpgp data / secrets are purged from thunderbird? I'm using mail.openpgp.allow_external_gnupg but still I don't have to enter my gnupg passphrase to unlock my keyring, which feels like "something" is stored in thunderbirds secret store... Best regards, -- Stefan Seyfried "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." -- Richard Feynman
On Thu, Mar 28, 2024 at 1:38 PM Stefan Seyfried via openSUSE Factory <factory@lists.opensuse.org> wrote:
On 28.03.24 10:22, Adam Mizerski via openSUSE Factory wrote:
Hello!
Are you annoyed by having a PGP keyring in Thunderbird separate from your ~/.gnupg? There is a solution!
You are my hero :-)
Is there any documentation availabe how to make sure that all openpgp data / secrets are purged from thunderbird? I'm using mail.openpgp.allow_external_gnupg but still I don't have to enter my gnupg passphrase to unlock my keyring, which feels like "something" is stored in thunderbirds secret store...
Are you concerned by secret leakage? Because whatever is stored there should be accessed via RNP and once RNP is replaced it basically becomes invisible (in normal workflow).
W dniu 28.03.2024 o 11:38, Stefan Seyfried via openSUSE Factory pisze:
On 28.03.24 10:22, Adam Mizerski via openSUSE Factory wrote:
Hello!
Are you annoyed by having a PGP keyring in Thunderbird separate from your ~/.gnupg? There is a solution!
You are my hero :-)
https://i.kym-cdn.com/entries/icons/original/000/029/727/citizen.jpg
Is there any documentation availabe how to make sure that all openpgp data / secrets are purged from thunderbird?
I have no idea. Please share if you find something.
On Thu, Mar 28, 2024 at 1:38 PM Stefan Seyfried via openSUSE Factory <factory@lists.opensuse.org> wrote:
On 28.03.24 10:22, Adam Mizerski via openSUSE Factory wrote:
Hello!
Are you annoyed by having a PGP keyring in Thunderbird separate from your ~/.gnupg? There is a solution!
You are my hero :-)
Is there any documentation availabe how to make sure that all openpgp data / secrets are purged from thunderbird? I'm using mail.openpgp.allow_external_gnupg but still I don't have to enter my gnupg passphrase to unlock my keyring, which feels like "something" is stored in thunderbirds secret store...
According to https://security.stackexchange.com/questions/254992/how-are-the-pgp-keys-tha..., data is stored in the profile as securing.pgp and pubring.pgp. So I assume deleting these files should suffice.
Hi, Am 28.03.24 um 10:22 schrieb Adam Mizerski via openSUSE Factory:
The MozillaThunderbird package has now a new subpackage MozillaThunderbird-openpgp-librnp. This isn't that much exciting by itself, but it can be replaced by sequoia-octopus-librnp, that has just landed in Factory.
thanks for taking over responsibility here to bring it to Factory. It always has been my plan but I could only spend too little time to finalize it. So for others interested in it: This combination of packages was sitting in mozilla:experimental for quite a while (almost since TB 102 existed IIRC) and was used by people before. So it can be considered sufficiently stable ;-) Wolfgang
participants (4)
-
Adam Mizerski -
Andrei Borzenkov -
Stefan Seyfried -
Wolfgang Rosenauer