Questions about the p≡p settings (especially old install vs. fresh install)

[Furlong]

Hi,

first, thanks for the great new features, they are really valuable! I experimented with it, but still have some questions regarding the settings:

1. I'm very confused about the junior mode: On an old setup (debian), the automated junior mode seems to preserve the old enigmail menue (e.g. with the setup wizard or an option of transferring the keys and settings as a Zip). It changes to the new UI, if I enforce the p≡p mode. On a fresh install (Windows) there is no difference between automated junior mode and enforced p≡p mode.

2. So it seems that the classic Open-PGP UI (e.g. without the p≡p handshake options) is only available for old users, that get a silent update of the plugin (=automated junior mode)? So in the future, p≡p UI will be the only mode besides S/MIME? (I would appreciate that!)

3. Is there an option to keep the passphrase enabled? It seems to be active in an old setup (silent update) and is deactivated in a fresh install.

4. What happens, if I uncheck "Store messages securely" (pepPref.storeSecurely)? My emails seem to be still stored encrypted in raw view...?

5. What does "Enable Privacy Protection" (pepPref.enableEncryption) do?

Enigmail Version 2.0.7
Thunderbird on Debian (old install) and Windows (fresh install)

[Patrick Brunschwig]

1. The Junior mode is not just always on. In fact, the Junior mode is only on, if the Enigmail menu is displayed as "Enigmail/pEp" and does not contain all the "regular" menu entries.
2. You can switch between the Junior mode and the classical Enigmail mode in the Thunderbird preferences > Privacy tab
3. If you use the Junior mode, and pEp creates a new key for you, then the key is without password by default. If you want to add a password for the key, you can do that in the Key Manager, or using gpg on the command line.
4. Then sent mails will be decrypted after they were sent (and thus kept unencrypted in the sent mails folder). Note that this happens directly after sending, it won't affect any existing messages.
5. When it's on (true), then Enigmail will ask pEp to encrypt the message if possible. If it's off, all mails will be sent unencrypted.

[Patrick Brunschwig]

I should add that the Debian version of Enigmail (if installed via apt) does not try to download the pEp engine and therefore will not use the Junior mode, even if you forcibly request it.

[Furlong]

Thanks, Patrick! Now I understand - so S/MIME mode includes the classic OpenPGP mode - I thought it switches to Thunderbird-S/MIME with the hierarchical key certification.

The p≡p developers state, that a passphrase is not necessary anymore, but as far as I understand, they didn't change the process. What do you recommend?