13 total posts
No real answer from me
but may I ask whether you have considered continuing to use Thunderbird on your new system?
I have a Win 7 laptop with Thunderbird installed and it works well.
I have considered Thunderbird ...
Thunderbird works OK as an email client, but I don't like Open Office (too many annoying incompatibilities) and Outlook integrates better than Thunderbird with programs I use frequently.
I guess I'm losing whatever geek credentials I used to have.
No real answer from me, either
Sorry, Bill. Another "helpful suggestion" but not a direct answer to your question!
Since you're using Outlook, have you considered trying ePostal Services? It's not free, but nearly so (15 cents 'postage') and you can pre-pay the return postage if you want your recipient to reply to you with another encrypted email and don't want to make them incur the cost. It fully integrates into Outlook -- just a different Send button. And it does email tracking and differentiation, too. You just choose what you want when you send the message, if you want anything -- you only use it when you need it. It's pretty cool. Personally, I use it to share web server login creds with clients and to send MYSELF all my various site passwords (you can encrypt to store, too).
I hadn't heard of that service
It's an interesting idea. I'm not sure I want to pay for the privilege but it bears consideration.
I learned a lot in this process ...
It turns out that it's not hard to access the public certificate of an email received by Outlook 2010. I just don't think it's completely intuitive. There's an icon showing that the message is signed. The user has to click the icon and work through several menus to 'copy' a certificate (not 'save' or 'export' as I would have expected) so that the certificate can be stored on disk and then imported into the properties of the appropriate contact in the address book. I wonder if they could have made it any less user friendly?
I also discovered that by default it is not possible to send an encrypted email from Outlook 2010 to Thunderbird. The Mozilla developers and MS developers have each blamed the other group, and MS has offered a workaround but as a user it just leaves me frustrated.
Good to see you have managed to go forward with this
despite the disagreements between Microsoft and Mozilla. Sad that such an important part of the email system is complicated by rivalry and non-cooperation.
I'm surprised it is not a bigger deal.
I know that setting up secure email is a hassle, and maybe I'm just paranoid, but I am really careful about what I put into email. Email is far and away the easiest way to exchange information between home and office since I don't always carry my flash drive, but email is inherently insecure. The threat is probably small, but why run risks at all?
Apparently I am in the minority regarding this. I am frequently astounded by what people are willing to put into email messages. Emails with personal information? Sure, why not. Messages that contain passwords? I get them all the time. It's unbelievable! If the majority of people used secure email then interoperability problems like this would be huge and both the MS and Mozilla folks would be receiving a lot of pressure to fix it. As it is, I don't know when the two products will talk to each other by default. I don't count the registry edit as a fix (even though I used it and it works) because the majority of users don't have any business grubbing around in their registry. If the companies were serious about a fix they would make it easier.
For that matter, if developers were serious about making secure email available to average users they would make the whole process easier. Setting up encrypted email is FAR too difficult for the average user in every email program I have ever used. Setting aside the hassle of figuring out how to get a certificate (for EVERY person in the process) why should it take large numbers of steps to install the certificate and associate it with the correct email addy? But that's another subject.
FWIW: I know convincing people about email security is a losing battle. I can't even convince my wife not to store our children's social security numbers in her smart phone.
Right-click on the sender and "Add to Outlook Contacts". If you already have the contact in your Contacts folder, it will offer to update when you click "Save & Close". Certificates are automatically included / updated when you do this.
Yeah, I eventually figured that out ...
It's not quite intuitive since there is no option listed to update the contact to begin with, but it does work. Thankfully.
Here's the issue. MS implemented another part of the RFC that isn't commonly implemented yet. There's a registry hack for Outlook 2010 to cause it to revert to previous behavior:
Well, solved for me but not in the way you meant.
The problem is NOT really solved, but there is a sort of workaround. You linked to the registry hack I alluded to in a previous post. It works but it requires a couple of things:
Access to the Registry (not a given in a corporate environment)
Cooperation from the guy who is using Outlook. IOW it only 'solves' the problem for the Thunderbird user if the OTHER person applies the fix. That's not quite a solution.
What you did not mention is that there was yet another obstacle (a bug in Thunderbird's implementation of encryption) that has since been fixed. When I first posted about the problem, Thunderbird could not read ANY of the affected messages. Since the bug fix, Thunderbird can read SOME of the affected messages, depending on some arcane details in the security certificates.
Unfortunately, the Thunderbird developers and the MS developers are both (at least somewhat) blaming the other group for the problem, and the Thunderbird developers are so confident that MS is wrong that they DO NOT plan to fix Thunderbird's behavior. Their feeling is that it's Microsoft's problem to fix. I'm not holding my breath on that one. As a non-cryptography person I only partially understand what they are arguing about and I certainly don't know who is 'right' about the standards. As a user I don't really care, I just want it to work. It doesn't.
I chose a simpler solution. I stopped using Thunderbird. Problem solved.
Just as a side note.
I know the last post is from 2010 but I found a nice little tool for en-/decryption in OUtlook 2010 called "gpg4o".
For more information visit gpg4o Homepage