
#719 Prompt for decryption key password within the message page

invalid
nobody
None
1.9.8
Enhancement
52
All
---
nobody
2017-11-20
2017-11-19
No

When one clicks a message in the 3-pane window encrypted with a key which requires entering a passphrase, a dialog box comes up expecting one to enter the password. This is somewhat annoying/breaks the flow of viewing contiguous messages focusing on the same window.

Instead, I suggest (at least as a configurable option) that the prompt for the password appear instead of the message and in the message pane of the 3-pane window (or the separate message window if one double-clicks the message). Entering the password there will replace the password prompt with the decrypted message (e.g. by reloading the message or just by adding DOM nodes for the decrypted content). This will mean that the user's attention, which was focused on the message page already, will not be diverted elsewhere. Also, if the user is scrolling through several messages and leaves the encrypted message s/he will not have the dangling dialog box to attend to.

Discussion

  • Patrick Brunschwig

    • status: open --> invalid
     
  • Patrick Brunschwig

    Enigmail uses GnuPG for all crypto-related operations. Since GnuPG 2.0, gpg-agent (a component of GnuPG) takes care of launching a pinentry dialog whenever there is need for it.

    It is therefore outside of the control of Enigmail to a) determine when a password is required, and b) to have the user enter the passphrase.

     
  • Eyal Rozenberg

    Eyal Rozenberg - 2017-11-20

    The fact that GnuPG is used does not mean it is imperative to use an external UI. It is certainly possible to have the extension provide the UI and communicate through I/O streams with GnuPG binaries.

    In other words, it is quite possible, AFAICT, to put (a) and (b) under the control of Enigmail and use more pleasing UI - without subsuming any of the crypto-related functionality of GnuPG.

     
    • Patrick Brunschwig

      GnuPG 2.0 (which is still the most widely used version) does not provide any method to enter the passphrase other than gpg-agent.

      GnuPG 2.2 allows the use of a loopback, that is, the passphrase is provided via stdin.

      The only viable option to implement this would be to create a pinentry replacement and use it to call Thunderbird. But that's an environment change for users that I would never want to implement. GnuPG setup issues represent already now 90% of all issues.

      I'm not a GnuPG developer, but my understanding of GnuPG is that email clients are not supposed to have any part when it comes to passphrase handling. Anything else is needed just a hack.
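
The loopback mode discussed in this thread, as an added example that is not part of the original ticket and is not Enigmail's code: a client hands gpg the passphrase over a dedicated pipe and reads the machine-readable status lines to learn the outcome. The function names are hypothetical, and the sketch assumes a GnuPG 2.1 or later binary named `gpg` whose gpg-agent permits loopback pinentry.

```python
import os
import subprocess

# Constructed sample of gpg --status-fd output (key ID is a placeholder).
SAMPLE_STATUS = """[GNUPG:] ENC_TO 0123456789ABCDEF 1 0
[GNUPG:] NEED_PASSPHRASE 0123456789ABCDEF 0123456789ABCDEF 1 0
[GNUPG:] DECRYPTION_FAILED
"""

def build_argv(passphrase_fd, status_fd, gpg="gpg"):
    """Decrypt argv: passphrase comes from a file descriptor, not pinentry."""
    return [gpg, "--batch", "--pinentry-mode", "loopback",
            "--passphrase-fd", str(passphrase_fd),
            "--status-fd", str(status_fd), "--decrypt"]

def parse_status(status_text):
    """Reduce [GNUPG:] status lines to a single outcome string."""
    words = [l.split()[1] for l in status_text.splitlines()
             if l.startswith("[GNUPG:] ") and len(l.split()) > 1]
    if "DECRYPTION_OKAY" in words:
        return "ok"
    if "BAD_PASSPHRASE" in words:
        return "bad_passphrase"
    if "NEED_PASSPHRASE" in words:
        return "passphrase_needed"   # a secret key was tried but decryption did not succeed
    return "failed"

def decrypt(ciphertext, passphrase, gpg="gpg"):
    """Return (outcome, plaintext). POSIX only, because it relies on pass_fds."""
    pass_r, pass_w = os.pipe()
    stat_r, stat_w = os.pipe()
    proc = subprocess.Popen(build_argv(pass_r, stat_w, gpg),
                            stdin=subprocess.PIPE, stdout=subprocess.PIPE,
                            stderr=subprocess.DEVNULL,
                            pass_fds=(pass_r, stat_w))
    os.close(pass_r)   # parent keeps only its own ends of the pipes
    os.close(stat_w)
    with os.fdopen(pass_w, "wb") as w:
        w.write(passphrase.encode() + b"\n")   # never placed in argv or env
    plaintext, _ = proc.communicate(ciphertext)
    with os.fdopen(stat_r, "r", errors="replace") as r:
        outcome = parse_status(r.read())
    return (outcome, plaintext if outcome == "ok" else b"")
```

With this design the calling application holds the passphrase in its own memory, which is the trade-off against leaving passphrase entry to gpg-agent and pinentry.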

       
