IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [enigmail]

A data encryption and decryption extension for Mozilla Thunderbird and the SeaMonkey internet suite that provides OpenPGP public key e-mail encryption and signing.

18 questions
13
votes
3 answers

Why is encryption (or signing) of long lines in E-Mails with PGP problematic?

I am using Thunderbird with Enigmail and OpenPGP to encrypt and/or sign E-Mails. On many occasions Enigmail complains that I have too long lines in the mail and asks how it should wrap them. However this doesn't seem to follow any logical trends.…
Jens
  • 297
  • 2
  • 11
12
votes
3 answers

gpg-agent keeps saving pin for a smartcard

I've found today, that enigmail is decrypting a message without asking me for the smart card's PIN. It is asking only once, and then not ask at all. this is my gpg-agent.conf: default-cache-ttl 0 max-cache-ttl…
Stanimir Stoyanov
  • 221
  • 2
  • 6
11
votes
2 answers

Is using PGP/MIME or PGP Inline more secure?

Using Enigmail for Thunderbird, the setup wizard automatically sets itself to PGP/MIME and also disables HTML formatting. I am looking for security and have no idea which to use, though I do know HTML will not work with PGP Inline but will with…
user4191887
  • 749
  • 1
  • 6
  • 10
9
votes
1 answer

How to use subkeys for encryption and signing with Enigmail?

I'm having an issue with Enigmail. Here's an example to highlight my problem. Alice and Bob wish to communicate securely using Enigmail. For extra security, they both decide to create keys using the --expert flag, and make their primary keys have…
Yankee
  • 333
  • 1
  • 9
8
votes
3 answers

Would Axolotl Ratchet protocol be suitable for encrypting email communication?

Axolotl Ratchet is used by the Signal messenger (formerly known as TextSecure) and an enhanced version of OTR in a way to make it suitable for mobile applications, which has the probability to encrypt messages without both parties to have to be…
rubo77
  • 2,350
  • 10
  • 26
  • 48
5
votes
1 answer

How to decrypt email with revoked key in enigmail?

Is it possible to decrypt a message which is encrypted with a revoked PGP key? I still have the private key, but Enigmail doesn't show me revoked keys neither does automatic decryption. Edit: I created a new key pair, but some people still use my…
Tom Maier
  • 125
  • 1
  • 6
4
votes
1 answer

Do I need separate revocation certificates for each email address associated with a key?

I just created my first OpenPGP key with GnuPG + Thunderbird + Enigmail. The key is used for two email addresses. Now I created a revocation certificate. There is only on of the email addresses included in the filename of the revocation…
user573215
  • 443
  • 1
  • 4
  • 5
2
votes
1 answer

Is it possible to create GnuPG keys from a x509 cert/key pair?

I have a digital cert issued by my organization for signing email. It's imported into Thunderbird and the key and cert can be exported to a .p12 from within Thunderbird. I'd like to use the .p12 to generate a GnuPG key pair for use with the…
Server Fault
  • 233
  • 1
  • 7
2
votes
1 answer

Can I restore gpg private key from raw data to enigmail?

I have recovered data from my local storage. The most valuable for me was to recover the private gpg key. I have found it in raw data files, I did delimitation based on the headers and footers. Now I have two separate *.key files with private key…
Misz
  • 21
  • 1
2
votes
1 answer

Invalid GPG keys?

From emailselfdefense.fsf.org: Be wary of invalid keys GnuPG makes email safer, but it's still important to watch out for invalid keys, which might have fallen into the wrong hands. Email encrypted with invalid keys might be readable by…
marmistrz
  • 141
  • 3
1
vote
1 answer

Force specific encryption cipher for S/MIME mails

I have a number of contacts who can only decrypt 3DES, when it comes to S/MIME encrypted mails. I'm aware that this is by far not ideal, but better than no encryption at all. My problem is, that I can't find a way to force Thunderbird to use 3DES…
GarlicCheese
  • 129
  • 1
  • 11
1
vote
0 answers

Make key trusted in Enigmail?

I have tried to import a public key of someone into enigmail. The import failed silently (nothing absolutely happened, not even an error). I tried key from file and from clipboard. Then I used gpg --import on the file and the key appeared in gpg…
user6329530
  • 123
  • 3
1
vote
1 answer

Where is Enigmail's keyring stored?

I have a GPG public/private key to send email with Enigmail and Thunderbird. I received an encrypted email but Enigmail did not recognize it. I tried to use the command line, but gpg complains gpg: decryption failed: secret key not available. I…
Chloe
  • 1,668
  • 3
  • 15
  • 30
1
vote
1 answer

Can someone using Thunderbird with Enigmail plugin be a victim of email spoofing

Let's say Bob pretends to be Alice, spoofs a non encrypted email to make it look like Alice and sends that to John who uses Thunderbird with Enigmail plugin.
Kōdo no musō-ka
  • 315
  • 4
  • 11
1
vote
2 answers

Does Thunderbird Enigmail plugin decrypt attached files?

From my research I have found out that you can easily send encrypted messages to one another using Enigmail. If first I encrypted a file,then attached it to an email, sending it through Enigmail to a recipient who was also using Enigmail. When the…
Kōdo no musō-ka
  • 315
  • 4
  • 11
1
2