Sailfish Secure + ProtonMail.ch
I was wondering if it possible to make a collaboration between Jolla and ProtonMail (secure email client, https://protonmail.ch/) to develop an integration of their mail service with the existing Jolla email client. I think it would perfectly fit within the context of Sailfish Secure.
Or any other commercial email service, not, that offers encryption and excuse me "protected by swiss law" is no selling point, it's a show-stopper (selling confidential banking data to governments?!), properly setup service do not need any protection by law, they need a good implementations to encrypt data on per user level! Proper integration of open standards and open encryption technology is a better way to go than to bind commercial/branded services. The younited (being sold to the US) joint venture is one example how it can easily fail your customers.
chemist ( 2015-03-17 01:01:57 +0200 )editMaybe I expressed badly myself. I just wanted to have the possibility to integrate protonmail in Jolla email app. So far I also think it is the one of the few mail servers that guarantees security. Probably you have stopped reading at
Swiss law
. What they claim it is simply that swiss law has more restricted privacy constrains in comparison with EU and USA. Moreover, end-to-end encryption it is guaranteed. ProtonMail itself has no control over your data. Similar to MEGA, if you loose your mail password, you loose everything. Therefore, the only thing that the mail provider has is your data encrypted.All these things together help to guarantee more security. You are free to choose whatever provider you want. Just to remember to you that providers like gmail, do not guarantee end-to-end encryption. Guess why.
ruga ( 2015-03-17 10:13:49 +0200 )editIf their implementation of end2end encryption is compatible to the non-protonmail world there is no need for protonmail... Jolla should just make usage of openPGP A possible B easy! Ad B, easy has its quirks though, you need to have proper backup of your keys, backup needs to be encrypted as well as the key itself needs to be protected. So first of all we need proper key management and an agent handling interactions on the touch-level then we can talk about future integration of other services.
chemist ( 2015-03-17 11:25:15 +0200 )editAgree with @chemist. @ruga, please try to understand, that end2end encryption can be achieved on ANY e-mail provider, including Gmail. You need to use just public key cryptography. One nice implementation is OpenPGP. You can try that out in desktop, ie Thunderbird afaik has a plugin for OpenPGP. ProtonMail however, cannot be more secure than PGP on top of Gmail, because cryptography in javascript and browser is prone to many issues, please read eg http://matasano.com/articles/javascript-cryptography/
So what's actually needed, is a e-mail client supporting PGP or if possible, some plugin to existing Jolla e-mail app...
matik ( 2015-03-17 12:51:07 +0200 )edit@chemist@matik you are right. end2ened encryption is guaranteed using PGP, and you can use it on top of whatever service you want. However, if Jolla would provide a mail service in collaboration with Protonmail, they could guarantee an secure mail service to everyone. As we know, PGP is used only by those persons that knows a bit of security, and each of them have to take care about their own private keys etc... In this case, you would extend this secure mail service also to those people that do not know the technical details and do not know how to "handle" PGP, but they just need a secure service.
ruga ( 2015-04-17 18:04:40 +0200 )edit