Hi, Am 14.09.20 um 20:53 schrieb Martin Wilck:
Q: "I need to use both GnuPG and Thunderbird in parallel, can I synchronize my keys?" A: "No."
Q: "How is my personal key protected?" A: "At the time you import your personal key into Thunderbird, we unlock it, and protect it with a different password, that is automatically (randomly) created. [..] You should use the Thunderbird feature to set a Master Password. Without a master password, your OpenPGP keys in your profile directory are unprotected."
These two answers prove to me that this feature isn't production-ready. Protecting one of the most important items for personal privacy (the GPG secret key) with just the thunderbird master password sounds like a joke. In general, not relying on gpg strikes me as a bad idea, as that's what allows sharing the same set of keys between different applications. And being unable to share or even synchronize keys with the de-facto-standard PGP encryption software seems - dumb, sorry.
It's not your fault. But perhaps let it sit in the mozilla repo for some more time.
what I understood it was not a light decision to implement it like this. There was basically not much choice from what I know. The Mozilla platform does not allow that deep integration with the system anymore (with the removal of legacy extensions to webextensions only). Integrating or linking to GPG components then again would have been a platform specific one and also apparently license wise not really an option. Just waiting most likely won't change the situation because of that. For certain usecases a bit of GPG support is still available: https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org