Thunderbird implements PGP crypto feature requested 21 years ago

As Mozilla kills off secure file transfer tool because – shock! – it was being abused

58 Reg comments Got Tips?

Mozilla's mail reader Thunderbird has implemented a feature first requested 21 years ago.

The somewhat garbled request – "I'd appreciate a plugin for PGP to ede and encrypt PGP crypted messages directly in Mozilla" [sic] – appears to have gone unimplemented due to concerns about US laws that bar export of encryption, debate about whether PGP was the right way to do crypto, and other matters besides.

Thunderbird eventually chose to use Enigmail and its implementation of OpenPGP public key email encryption. However, it was an add-on rather than integrated. Commenters in the Bugzilla thread stemming from the request kept the dream of an integrated solution alive, though.

Then in October 2019, the Thunderbird blog announced that Thunderbird 78 "will add built-in functionality for email encryption and digital signatures using the OpenPGP standard."

Thunderbird 78 emerged in July 2020, and late in August Thunderbird contributor Kai Engert (:KaiE:) posted: "We have released support for OpenPGP email in Thunderbird version 78.2.1. Marking fixed."

Also at Mozilla

In other Mozillan news, the outfit has announced it is killing off a couple of products.

One, the encrypted file-sharing tool Firefox Send, "garnered good reach, a loyal audience, and real signs of value throughout its life", according to a Mozilla blog post. Unfortunately, among those who perceived value were "some abusive users were beginning to use Send to ship malware and conduct spear phishing attacks".

Mozilla therefore took Send offline and has decided not to relaunch it in line with recent strategic review that saw the organisation shed a quarter of its staff.

Firefox Notes, an encrypted data sharing tool, has also been shown the door and will cease operations as of November 2020. ®


Biting the hand that feeds IT © 1998–2020