Enigmail

From MozillaZine Knowledge Base
Revision as of 02:42, 10 June 2014 by Tanstaafl (talk | contribs) (updated URL, added some text explaining the relative advantages)
Jump to navigationJump to search

Enigmail is an extension for encrypting messages and/or adding digital signatures to Thunderbird and Mozilla Suite/SeaMonkey Mail. Its an OpenPGP based alternative to the built-in S/MIME support. Which one is chosen frequently depends upon what your recipients support. They both provide similar services and use MIME to structure their messages, but have incompatible formats.

Some people assume that because S/MIME support is built-in that make S/MIME a better choice. However, it's basically a backwater, just like the built-in news support. Enigmail is still being actively developed. S/MIME has the advantage of not requiring an add-on but both require a good bit of work to learn how to configure and use. Enigmail has an advantage in that it has extensive documentation and dedicated forums.

S/MIME requires certificates, which are normally issued by third certificate services such as Thawte, Verisign and OpenSSL. Certificates eventually expire and you need to keep old ones in order to read old encrypted messages. Free certificates just guarantee what email address was used. Paid certificates (class 2) attempt to verify who you actually are. OpenPGP is based on individually determined levels of trust. If someone sends you a key, and you trust it, then you can communicate with that person. There is no third party involved that you have to trust, which can make it a more practical choice.

For more information, see the Enigmail Project page. Email Self-Defence from the EFF is also a good getting started guide.

See also

Message_security