Anonymous

My feedback

  1. 847 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      29 comments  ·  General  ·  Admin →

      Thank you all for your feedback. Please let us explain in more detail why we don’t plan to add pgp-support at the moment:

      Current encryption standards like pgp and S/MIME have several issue that we plan to address with Tutanota. These standards do not support forward secrecy and are not resistant to attacks from quantum computers.

      In addition, it is important to us that the subject line in emails is also encrypted. That’s why we have developed a solution that is also based on recognized algorithms (RSA and AES) and that automatically encrypts the subject, the content and the attachments. In the future, we plan to upgrade these algorithms to quantum-resistant ones that also support forward secrecy.

      We also see the importance that Tutanota needs to be interoperable with other encryption solutions. We will develop an API so that Tutanota users can communicate with users of other…

    • 4 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        under review  ·  1 comment  ·  General  ·  Admin →
      • 90 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          7 comments  ·  General  ·  Admin →
        • 232 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            under review  ·  7 comments  ·  General  ·  Admin →
          • 391 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              5 comments  ·  General  ·  Admin →
            • 16 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  General  ·  Admin →
              • 18 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  2 comments  ·  General  ·  Admin →

                  Thanks for requesting a feature for further improving the security of Tutanota! We currently use TLS and DANE to protect authentication and integrity data and (only tunneled) RSA and AES to provide additional confidentiality. Neither the confidentiality nor the integrity of your data is currently at risk. In order to increase the security of Tutanota even further, we will implement digital signatures soon.

                • 241 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    15 comments  ·  General  ·  Admin →
                  • 13 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  General  ·  Admin →
                    • 238 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        planned  ·  15 comments  ·  General  ·  Admin →
                      • 60 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          5 comments  ·  General  ·  Admin →
                          Anonymous commented  · 

                          This is a must needed feature, specially if tutanota wants to target commercial users.
                          Now, the apparent reason for not considering this feature is the crypto eco-system of tutanota - which mostly is based on symmetric mechanisms and not purely is PGP centric, which does have the flexibility of working with the mechanisms of IMAP(S)/POP(S). In contrast, I do agree and support the uniqueness of tutanota over PGP centric solutions that it does encrypt the subject (+ headers) of the email as well its body which others don't.
                          Though, the only solution which I know of being considered as a complete package (of-course with IMAP/POP) is mailfence.com, which is a 'pure' end-to-end PGP based solution.
                          Other solutions include scryptmail, riseup - which I believe are also working to add this feature..

                        • 1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            1 comment  ·  General  ·  Admin →
                            Anonymous commented  · 

                            This problem has multiple dimensions. But one way to provide this feature is to allow users to connect to their external addresses via IMAP(S)/POP(S), which requires sufficient resources and time to get implemented. Other solutions like mailfence.com does provide this feature in a very efficient manner (and potentially is a good alternative to tutanota...)
                            Therefore, the amazing team at tutanota should need to look at this too..

                          • 34 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              3 comments  ·  General  ·  Admin →
                              Anonymous commented  · 

                              Protonmail mechanisms are (primarily) based on OpenPGP, whereas tutanota uses symmetric (AES..) based crypto mechanisms. However, this in no way provides an edge to one over the other - as it all drops down the notion of 'how' each of those mechanisms got implemented.
                              Nevertheless, people seeking for PGP (practical) solution need to check solutions like mailfence.com, riseup.net... - which are potentially the best candidates when it comes to OpenPGP.

                            • 116 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                2 comments  ·  General  ·  Admin →

                              Feedback and Knowledge Base