SwissTengu

My feedback

  1. 104 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    SwissTengu commented  · 

    This joins some other solutions, such as Threema (ok, no login, but the username is some random string) and, in some points, BitMessage (is it even still alive? ;) )

    Thus +1 for no sending away a credential information.

    SwissTengu supported this idea  · 
  2. 211 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  17 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    SwissTengu commented  · 

    @Mustafa yep, that's even better, and would be addressed by another feature request: filters.

    That would probably be the smartest solution, and, I think, the most userfriendly.

    SwissTengu commented  · 

    Good point @t indeed. Better solution might be:

    - create some "vault" folder
    - if standard password is entered, display it
    - if "emergency" password, hide it and its content

    Would mean "user responsibility to move sensitive mails to the vault". But this would prevent the point raised by @t in an elegant way.

    SwissTengu supported this idea  · 
  3. 2,331 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    122 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Building an encrypted calendar is at the top of our to-do list right now as we desperately need a solution to schedule and share calendar entries securely ourselves. However, first, we have to finish the new client to push it our of beta and update the Tutanota Android and iOS apps so that you can use your encrypted mailbox with very good speeds and many more features on all your devices. Once we are done with that, we will build the encrypted calendar.

    Thank you very much for your continuous support.

    SwissTengu commented  · 

    Might be cool to get in touch with Flock (Whispersystem)… they already propose encrypted contacts and calendar, along with android app, might be good to get their hints (or even help) and, wonder of wonders, a link from tutanota (they don't provide any desktop app for now, not sure for iOS).

  4. 111 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    SwissTengu supported this idea  · 
  5. 354 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  31 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    SwissTengu commented  · 

    XMPP protocol would be good, wouldn't it? Allowing people to use external, compatible apps like mcabber, chatsecure, gajim and so on.

    Of course, the web interface should embed OTR, else it's a no-go.

  6. 1,061 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    53 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you all for your feedback. Please let us explain in more detail why we don’t plan to add pgp-support at the moment:

    Current encryption standards like pgp and S/MIME have several issue that we plan to address with Tutanota. These standards do not support forward secrecy and are not resistant to attacks from quantum computers.

    In addition, it is important to us that the subject line in emails is also encrypted. That’s why we have developed a solution that is also based on recognized algorithms (RSA and AES) and that automatically encrypts the subject, the content and the attachments. In the future, we plan to upgrade these algorithms to quantum-resistant ones that also support forward secrecy.

    We also see the importance that Tutanota needs to be interoperable with other encryption solutions. We will develop an API so that Tutanota users can communicate with users of other…

    SwissTengu commented  · 

    Hello,

    Just a thought: having seen Privacy app (privacyapp.io) running on an iOS smartphone, I think Tutanota might go beyond simple gpg support: provided it's able to query directly keybase.io service, that would let people do a seemingly strong review of the found key.

    For example, sending an email to "swisstengu" user will query keybase, retrieve the public key and validation info, and display some frame with :
    - key fingerprint
    - validations known by keybase

    This way, the sender will know with little doubt "ok, this is really swisstengu key".

    Weird and hard part would be for gpg decryption, but I'm pretty sure that's not what tutanota will do (and, hopefully, this won't come in sight), as this means "find a way to manage the gpg *private* key"… In my case, I have no confidence in local storage, sooo… no gpg in browser. Ever.

    SwissTengu supported this idea  · 

Feedback and Knowledge Base