Mozilla will integrate the OpenPGP encryption standard into Thunderbird. The integration is expected in version 78 of the email client. This update should be released in the summer of 2020. Currently Thunderbird supports OpenPGP via the Enigmail add-on.
Mozilla reports that the built-in OpenPGP feature will replace the Enigmail add-on. Enigmail is a third party extension that allows users to communicate via OpenPGP. In Thunderbird 78, ‘the types of add-ons supported’ will change in the mail client. Mozilla is going to remove support for legacy add-ons. Add-ons developers should convert them to a MailExtension. The changes will begin in version 72 of Thunderbird, which is due for release at the end of this year. Enigmail will in any case remain usable in version 68 of Thunderbird. Mozilla will support this version of the email client until Fall 2020.
The integration of OpenPGP should ensure that more people start using the encryption standard. At the time of writing, approximately 119,000 people use the Enigmail extension. When Thunderbird 78 comes out, Enigmail users will automatically be able to use OpenPGP with capabilities to migrate keys and settings. People who don’t have Enigmail installed will have to manually configure OpenPGP.
With Thunderbird 78, Mozilla will encourage the use of OpenPGP by encouraging users to make ownership confirmations. Mozilla will also warn users when the key of a sender or recipient is suddenly changed. When necessary, Mozilla will also provide technical support to users. Mozilla indicates that it does not yet know whether Thunderbird will support indirect key ownership confirmations. Sharing key confirmations is supported. Interaction with OpenPGP’s servers is also possible.
OpenPGP is a widely used encryption standard for text and email messages. OpenPGP is based on pgp, also known as ‘pretty good privacy’, and uses asymmetric cryptography. This means that two separate keys are required when communicating via OpenPGP. One for encrypting and one for opening messages. OpenPGP is already supported by default in some mail clients, such as eM Client.
Thunderbird already supports S/MIME, another encryption standard, by default. S/MIME will continue to be usable in future versions of Thunderbird. Like OpenPGP, S/MIME works with a private and a public key. S/MIME users can also digitally sign their e-mail messages, among other things. This way recipients know for sure that they receive an email from the right person, which should prevent phishing, for example.
S/MIME requires a central, trusted authority to issue certificates. This is similar to ssl/tls certification. With pgp this is not necessary; OpenPGP uses a decentralized network without certificates. However, S/MIME does support sending files, such as images. Pgp only supports text. S/MIME is supported by almost all email providers, such as Gmail and Outlook.