Upgrade email encryption for existing addresses and emails
As a long-time Proton-supporter (amongst the first users), my encryption keys for emails are rather old and somewhat not state of the art anymore (e.g. RSA 2048-bit).
The current feature to generate new keys requires me to keep the old keys for old emails intact - but I'm looking for a feature that would actually allow me to REPLACE my existing key with a more modern and secure key for ANY of my emails.
That would require all existing emails to be decrypted on the client with the existing key and encrypted with the new key/algorithm but would allow for an actual upgrade of security.
Drawbacks of the existing feature are: If, for whatever reason, an existing key has been compromised, old emails would remain "unprotected" even when a new key has been generated --> somewhat undermines the privacy/security vision of Proton.
PS.: This should also be possible for the account key =)
Veit
shared this idea
-
J
commented
This would be an excellent feature, I was looking for such an option today to upgrade my mail from older keys to newer, stronger keys. This became especially evident after importing a large portion of mail from a legacy provider account which was encrypted with one of those older keys and after removing one of these keys, made all of my older mail unreadable, forcing me to have to re-import the key.