Feature Request: Enable end to end email encryption using OpenPGP. #82
Is this an improvement over using TLS email transport though?
TLS only protects against intermediaries; it doesn't prevent the server owner from snooping (or anyone who exploits the server). But implementation of client-side encryption in the browser was very challenging last time I looked at the problem. The then-current implementation of GPG in JavaScript was considered unsafe for reasons I could not possibly remember/understand/explain. But I'm sure browsers provide primitives to JavaScript now that would make it more feasible for someone who understands how to safely implement encryption. I just don't think we have anyone on the team that knows enough to do it safely; I wouldn't want to give the illusion of that kind of end-to-end security if we can't really deliver it. If you were to dig up one or more well-vetted and well-maintained implementations of client-side JavaScript GPG in the browser with examples of use, maybe we can put something on the todo list for mail client improvements.
https://www.openpgp.org/software/

"All email applications on this page support the OpenPGP standard either directly or with additional software. (The authors of this webpage are not actively participating in the development of each of these third-party apps. No security audits have been done by us and, thus, we cannot provide any security guarantees.)

About: OpenPGP is a non-proprietary format for authenticating or encrypting data, using public key cryptography. It is based on the original PGP (Pretty Good Privacy) software. Beginning in 1997, the OpenPGP Working Group was formed in the Internet Engineering Task Force (IETF) to define this standard that had formerly been a proprietary product since 1991. Over the past decade, PGP, and later OpenPGP, has become the standard for nearly all of the world's signed or encrypted email. OpenPGP also defines a standard format for certificates which, unlike most other certificate formats, enables webs of trust. OpenPGP formats and uses are specified in many IETF RFCs and drafts[1], so these standards can be implemented by any company without paying any licensing fees to anyone. RFC 3156 MIME Security with OpenPGP,"
Did I miss something? We already have GPG encryption for emails?
OK, looks nice! Is it decrypting/encrypting transparently in Usermin Mail in the browser, endpoint to endpoint?
Chris, why are you talking about decrypting/encrypting in the browser? This is what is done and must be done on the server side (I assume, and if I had implemented it in the first place, I would have done it that way, and only that way; no browser should be involved, right?). Please check how encryption/decryption is implemented in File Manager already; for emails it must be no different. I have added
That is server-side. I assumed the initial ticket was about client-side, since Usermin has had encryption on the server forever. But that means anyone with server access can read all email. At this point there probably is no technical reason it cannot be done in the browser (again, encryption primitives are available to JavaScript now where they were not in the past). But I don't know that we are the people to implement it (that Ilia can't imagine it could be done at all should be evidence of that!). Again, I wouldn't want to make mistakes that would lead to a false sense of security... if we can't do it right, doing it at all would be a disservice to users, in this case more than just about any other.
👌🏻
Actually, I can imagine how it could be done for better security (probably) using the browser. For starters, thinking off hand, as we have a SPA UI, we can load the mail page once, and then we can ask a user that has GPG for mail enabled to provide either a decryption key or a passphrase for the existing private key. This decryption key or passphrase would be stored in browser memory and used to decrypt mail, and would be lost upon page reload. As well, technically it could be stored on the browser's side too (probably not safe). We would have to make sure that we send it to the server securely and run decryption also securely. Also, doing it in the browser itself... hm, never thought of it, but I don't see why not. But again, where do you store your private key for decryption? The safest way that seems to me at the moment (without investigating the subject) is to store it in the browser's memory and have it flushed when the page is reloaded or the browser's page is closed. But again, who the heck is going to use all of this? Folks from Langley? Meeting secretly in the park, sharing private keys and then also somehow sharing a passphrase to unlock the key... umm, what? All of this seems like a great waste of time.

Yes, the best improvement that I wouldn't mind implementing is sending a passphrase to unlock the existing private key to decrypt emails.
Yes, the reason they do the OpenPGP encryption/decryption in the browser endpoint is so that server admins cannot snoop the email contents, cannot reply to a legal request to share clear unencrypted emails with three-letter agencies, and the server cannot "leak" clear contents to nation-state adversaries (e.g. US TikTok claims they maintain user privacy, however they have admitted in recorded meetings that they "leak" all US user data to ByteDance China and its resident in-house system admins employed by the Chinese Communist Party, for upload to storage in their mainland database profiling all users for future use in conflict, commercial espionage, locating wanted people through your social web of contacts, and tracking down and kidnapping political dissidents anywhere on earth, etc.).
If you look at Protonmail, this OpenPGP encryption is fully transparent and effortless for the user; you never even realize it's encrypted email. All you enter is your email address and password like a normal webmail service, and the browser can do all the work: generate keys, remember them, or the app can remember them. I believe it's "asymmetric encryption" for making it easier on the users.
So, this is my concern. Nobody here knows how it has to be done for it to be safe. It cannot have mistakes, and it can't be a "I think this is how it could be done, let's try it" kind of implementation. Something is much worse than nothing when it comes to leading users to believe they are secure when in fact there are holes in that security. It can be done, but again, I don't think we are the people to do it. At least not without a lot of reading and research; like months of it.
Even if it can be done right, what percentage of users will actually use it?
It's become very mainstream: all major browsers support it, you have these well-supported JavaScript libraries that do the work, Protonmail is a massive success, and it would become a selling point for Virtualmin. Agreed, it would have to be done right; however, the libraries already exist, so the research and development is already done. It's basically a job of connecting it into the Usermin UI so the experience would be effortless for the user, the same as it's effortless on Protonmail.

People want privacy through end-to-end encryption, so they can speak freely and not lose their conversation to their adversaries, if they can get it effortlessly, and they should be able to get it effortlessly because these libraries are battle-tested and standardized. For a sense of the demand, look at standalone apps such as Signal, Telegram, iMessage: all end-to-end encrypted, none of the middle servers can see your clear message. When you have OpenPGP end-to-end in Usermin, it's already in browsers and email apps, and can communicate with other OpenPGP users such as Protonmail users and other services; it's definitely going to draw attention from all over the internet, and add users to Virtualmin/Usermin.

People want this because they're so highly aware of the huge negative consequences of communicating through clear-text email, and they hate to have their conversations collected and archived forever, a profile built up on them and used against them or against anyone they communicate with, at any time, by anyone, especially by adversaries known or unknown, now or in the future.
All these are great points, but Usermin is not a commercial product. Although I don't mind looking into adding it when the time comes to continue to work on mail. I have checked on how Protonmail is doing it. It's nice! They say:

"Your Proton Mail private key is generated in your browser. Before sending the private key to the server for storage, we encrypt it with your password (or mailbox password if you use two-password mode). This ensures that you and only you can use your private key."

The point is not to trust the server and to trust the browser when generating a private key, then encrypt it with the user password and store it on a remote server? What is the goal of storing it on a remote server anyway, then, if everything can and should be done in the browser? Does Proton store it on their servers for recovery (multi-session) purposes, perhaps, but run all decryption in the browser? Or does decryption happen on their servers?
Obviously not. If it did, it would completely remove any reason to do encryption in the browser. The key is stored on their servers for convenience. You can open your account from any browser, and it downloads the key when you login...but the key can only be used to encrypt/decrypt if you know the password, so the server does not have any visibility into mail. At least, that's the theory. There is some risk in this kind of implementation, but I'll give them the benefit of the doubt and assume that since they've been doing this for years, they know what they're doing.
No, it isn't. It is a modest success, not even in the top ten list of email providers; I'm not even sure it's a sustainable business, though I guess they've been around for several years, so it must at least pay the bills and keep some developers employed. It is worth noting that privacy (and mail, in particular) is their specialty. They've been working on it for years. I don't know if we're equipped to try to compete with them (or that we want to try to compete with them). I have significant doubts about this being a feature that would move the needle on Virtualmin sales at all (Usermin is not even close to the most popular mail client among Virtualmin users; it's not a feature most care about at all), and the resources required to implement it are quite large. Among the biggest projects on our radar right now, actually. This is a nice idea, but I continue to think we're not the right people to do it. We just don't have the spare developer cycles, especially for something that is unlikely to result in any increase in revenue.
The only reason I requested this is because conversation privacy/email encryption is in huge demand these days, and the effort required to add this transparent email encryption to Virtualmin should be minimal, with the free open source libraries. You'd have to include the library in Usermin, call the functions in a few places, "auto detect encrypted message", "auto load private key", "decrypt message in browser", "encrypt outgoing message before send out to server". Originally, all websites

Same with email, it's evolving, from the original unencrypted, easy to snoop on and build a profile on you and surveil you in every aspect, to effortless private encrypted email with OpenPGP. Same email address and password to log in and check in any client browser or popular, relatively recent mail app. You don't even notice you're using private email except when you see the padlock icon next to the message. And since it's end-to-end, your private email works between all mail servers, with only the client mail app or browser needing to support the OpenPGP library, and all the best ones do!
This would be great to play around with adding to a test server instance, "on a rainy day", when any and all issues blocking the current release being worked on have been solved, and the weather conditions are calm: no high-priority open issues! We could add end-to-end encrypted email to Pro, at least at the beginning! I predict many, many, many users would be willing to pay for email privacy. Maybe step 2, release it to GPL, for only one mailbox per domain, with mailbox size limited to under 500 MB? As an incentive for users to upgrade to Pro. If this would be possible. Same freemium model as how Protonmail does it. 500 MB is free. Each step higher in mailbox size, obviously the user is more reliant on their encrypted mailbox, the user is consuming more hosted storage space, so this requires an increasing monthly subscription. Alternately, a freemium hosting model, and this would require adding hosting partners, for a monthly subscription fee, fully host the users'

I predict, if and when Virtualmin adds this effortless end-to-end encryption for ultra-private secure email messaging, and it is equal in terms of the super easy user experience, ease of use, and privacy to the mainstream offerings such as Protonmail, and uses the same exact open source library, and is compatible with the many, many browsers and mail apps that already are compatible with this open source tech... this Virtualmin version release event, with super easy, totally private email, would get talked about online by many, many, many cutting-edge super users and tech journalists, excited by this huge leap forward in user privacy, which eliminates the burden of managing your own private key! Finally the everyday non-power-user next door, the kid, the school, the library, the small business, all can have private encrypted email, and don't have to give it a second thought! Naturally leading to a bump up in Pro subscriptions.

Which would be a very good thing for the software and devs, grow the size of the user community, and increase the number of contributors.
Another approach: install the browser plugin "Mailvelope" for Firefox, Chrome, or Edge, which contains the OpenPGP encryption/decryption library and processes the webmail message in the page.
Oh, yeah, I'd used that in the past, or at least tested it so I could show others how to use it at cryptoparties. But I hadn't ever tested it with Usermin.
OK, nice. It's pre-configured for popular webmail like Yahoo etc. I believe you just need to configure it to help it auto-detect URL patterns, or which HTML elements in the Usermin webmail page it should look in to find the encrypted OpenPGP email message.
Secure private email, using the same free open source encryption package as the webmail service Protonmail. OpenPGP encrypts the body of the email, making it unreadable by "men in the middle" (mail server admins, ISPs, three-letter agencies); the only readable content in transit would be the email Subject line. Sender and receiver can only read or send encrypted emails inside their OpenPGP-enabled mail apps. Usermin should be one such mail app.

It would be very nice to have this option to increase the value of email and reduce or remove the necessity of using third-party encrypted messaging apps.