Skip to content

Jon Par

My feedback

1 result found

  1. 3,720 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We have given this quite a bit of thought, but at the present moment, it is not clear the advantages would outweigh the disadvantages.

    The biggest problem is search. Encrypting all metadata would break metadata search entirely on the web client as there is still no efficient way to handle search of encrypted data within a browser.

    Secondly, metadata encryption’s value from a privacy standpoint is also somewhat dubious. Because we ultimately must deliver the message to the recipient, we must know who the recipient is. At the current time, there still isn’t any proven and viable way to work around this.

    Metadata encryption is an area of continued research for us, and when the opportunity arises and the technology for doing this matures, we will definitely implement it in ProtonMail.

    Jon Par supported this idea  · 
    An error occurred while saving the comment
    Jon Par commented  · 

    As far back as 2018, Enigmail/Kleopatra/Thunderbird/GnuPG has been using the Memory Hole standard to include the subject line in the encrypted portion of the PGP message. ProtonMail has maintained that the use of PGP is what holds them back from encrypting the subject line, but that's not true. Enigmail puts a fake, filler subject line in the header and puts the real subject line text encrypted within the body. What's worse is ProtonMail arbitrarily blocks using Enigmail to encrypt an email with a different PGP key underneath the "normal" ProtonMail key. So not only does Proton not include this subject line feature, they go out of their way to prevent you from using it. I can literally encrypt more in Thunderbird with my Gmail account than I can with ProtonMail's Bridge. That's ridiculous. There is no reason for ProtonMail to dictate to me what I put in my emails. If I want to send a PGP-encrypted email to someone outside of ProtonMail using Thunderbird, that should be allowed. I thought the whole reason Proton gave for using PGP instead of something like Tutanota was to be more compatible with others' PGP encryption. Now they're really doing the exact opposite - worst of all worlds.

    When will ProtonMail allow PGP/MIME encryption of the subject line in the same way as Enigmail? It's a huge difference between Proton and and competitors. Proton can do what Tutanota does without leaving PGP. Will ProtonMail at LEAST allow using Enigmail PGP encryption and then add Proton's encryption on top of it, if necessary, so that I can encrypt my subject line if I want? I want to stay with ProtonMail, but being four years behind on this and other things, like full encrypted search, calendar, fully encrypted contacts, etc. that Tutanota offers for a lower price makes it hard to justify. Can we at least get this part fixed? I know calendar is coming, even if the other things aren't.

    Thanks for all you have done. I hope to see Proton continuing to grow - happy to be a paid supporter.

    An error occurred while saving the comment
    Jon Par commented  · 

    As far back as 2018, Enigmail/Kleopatra/Thunderbird/GnuPG has been using the Memory Hole standard to include the subject line in the encrypted portion of the PGP message. ProtonMail has maintained that the use of PGP is what holds them back from encrypting the subject line, but that's not true. Enigmail puts a fake, filler subject line in the header and puts the real subject line text encrypted within the body.

    When will ProtonMail allow PGP/MIME encryption of the subject line in this way? It's a huge difference between Proton and Tutanota and other competitors. I want to stay with ProtonMail, but being four years behind on this and other things, like full encrypted search, calendar, fully encrypted contacts, etc. that Tutanota offers for a lower prices makes it hard to justify. Can we at least get encrypted subject with this PGP/MIME standardized feature?

    Thanks for all you have done. I hope to see Proton continuing to grow - happy to be a paid supporter.

Feedback and Knowledge Base