On 9/17/20 6:53 AM, Carlos E. R. wrote:
On 17/09/2020 13.29, Anton Aylward wrote:
Well it works for me Thunderbird 78.2.2 out of
...
Restarted T'Bird out of paranoid and tried it in correspondence with a friend who doesn't use Linux. we tried both encrypted and just signed in both directions. It works but it is strange. It is strange in that I never was asked for a passphrase.
It doesn't if you have not set a master password for TB itself, I understand.
It is strange in that the only indication that the message was encrypted or signed is an icon in the top right-hand corner. if you click on the icon you get details and can drill down to see what key is being used. Sending you are not offered a choice of key. My correspondent was surprised at that, so he generated a new key and sent it and I verified it, and peeked to see that, yes, T'Bird knew about it, but next time round T'Bird still insisted on using the oldest signed key. Again not offering me a choice of which key to use.
I haven't tried using the external version of GPG yet.
After you import you keys with the enigmail helper, be aware of: https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_i-n... I need to use both GnuPG and Thunderbird in parallel, can I synchronize my keys? No. At this time, Thunderbird uses its own copy of keys, and doesn't support synchronizing keys with GnuPG. The exception is the mechanism offered for smartcards, which could be used to use the personal keys managed by GnuPG. How is my personal key protected? At the time you import your personal key into Thunderbird, we unlock it, and protect it with a different password, that is automatically (randomly) created. The same automatic password will be used for all OpenPGP secret keys managed by Thunderbird. You should use the Thunderbird feature to set a Master Password. Without a master password, your OpenPGP keys in your profile directory are unprotected. -- David C. Rankin, J.D.,P.E.