Re: [Tails-dev] PGP MIME is insecure (for me)

This message is part of the following thread:
Mthe complete thread tree sorted by date
M\anonym at <-
MMemmapeel at ->
Delete this message

Reply to this message
Author: Adam Burns
Date:  
To: tails-dev
Old-Topics: Re: [Tails-dev] Post-1.3.2 ticket assignments and postponements
Subject: Re: [Tails-dev] PGP MIME is insecure (for me)
Hi intrigi, sajolida, and others,

On 04/03/2015 11:48 AM, intrigeri wrote:
> Hi Adam,
>
> Adam Burns wrote (02 Apr 2015 07:10:26 GMT) :
>> I caused the ticket 8986 to be raised and recently joined the list to not only
>> follow up, but also see where I can help out.
>
> Woohoo :)
>
>> It's my understanding that the issue is the current default Claws
>> configuration of the Drafts / Queue folders being over IMAP (and being auto-
>> saved) when they are perhaps better local (RAM disk or persistent volume).
>
> Right. The easiest ways to fix the problem for real were tried
> already, and failed => see the "PGP MIME is insecure (for me)" thread
> on this mailing-list. Perhaps a less easy but working solution exists.
> Let's please keep the discussion going in that other thread, otherwise
> if it's spread over multiple threads it's going to be hard to
> follow :)

Reassigning Drafts/Queue folders to an MH local seems to be very messy,
not (eaaily) templatable and confusing to users now with 2 mailbox
accounts, one IMAP, one local.

sajolida, I note your recent posts in Claws bugzilla

http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2661
and
http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2965

Not sure there is much impetus by Claws team to act on this, however, I
note in

http://www.webupd8.org/2014/05/claws-mail-310-released-with-auto.html 

"Changes in Claws Mail 3.10:
...
    Added a preference to avoid automatically drafting emails that are
to be sent encrypted (Configuration > Preferences > Compose > Writing); "


Quick tests under version *3.11.1* (in Fedora 21) show the problem to go
away (yay!) when deselecting Preferences->Writing->Automatically save
messge to Draft->Even if message is to be encrypted". This should be
templatable.

Don't know the policy on application version bumping in Tails, but it
appears that the easiest way forward may be to upgrade Claws to >3.10?

>> It's also my belief that a solution be documented as soon as possible to
>> publicize to existing users on existing versions the risk and how to mitigate
>> it.
>
> Fully agreed. I believe BitingBird has added notes to this effect on
> an existing ticket, but I don't remember which one. BitingBird, will
> you take it from now on, and perhaps introduce Adam to our processes
> and tools to work on documentation?

I assume BitingBird has been busy, but if there are pointers to this,
would appreciate them to help out in more depth.

Cheers!

--
Adam Burns

XMPP: adam.burns@???
51D2 CACB 3604 00E3 05D7 9AE0 E4C7 6DBF E283 909C
GPG Server: keys.gnupg.net

This message was posted to the following mailing lists:
tails-dev
Mailing List Info | Nearby Messages		<-[Tails-dev] Jenkins build is back to normal : build_Tails_ISO_feature-jessie #463Re: [Tails-dev] PGP MIME is insecure (for me)->
lists.autistici.org administrated by postmasterLurker (version 2.3)