Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T18:10:24Zhttps://gitlab.torproject.org/legacy/trac/-/issues/29655Tor Metrics / Users / Bridge users by country and transport / Source: China, ...2020-06-13T18:10:24ZTracTor Metrics / Users / Bridge users by country and transport / Source: China, fails to render graph lines clearly— After selecting Source: China, Germany, and some other country names, the <OR>, meek, and obfs4 graph lines appear washed out, faint, and indistinct. This defect has persisted for approximately the past 2 weeks or longer.
https...— After selecting Source: China, Germany, and some other country names, the <OR>, meek, and obfs4 graph lines appear washed out, faint, and indistinct. This defect has persisted for approximately the past 2 weeks or longer.
https://metrics.torproject.org/userstats-bridge-combined.html?start=2018-12-04&end=2019-03-04&country=cn
**Trac**:
**Username**: monmirehttps://gitlab.torproject.org/legacy/trac/-/issues/31211Inaccurate and confusing Support doc can mislead macOS users into incorrectly...2020-06-13T17:36:46ZTracInaccurate and confusing Support doc can mislead macOS users into incorrectly using Tor Browser with two simultaneous instances of the Tor-Browser Data folder.Tor Browser 8.5.4 on macOS 10.14.5 Mojave.
`How do I uninstall Tor Browser?` https://support.torproject.org/tbb/tbb-28/
The following inaccurate and confusing language pertaining to macOS appears in the documentati...Tor Browser 8.5.4 on macOS 10.14.5 Mojave.
`How do I uninstall Tor Browser?` https://support.torproject.org/tbb/tbb-28/
The following inaccurate and confusing language pertaining to macOS appears in the documentation:
`Locate your Tor Browser folder or application. The default location on Windows is the Desktop; on macOS it is the Applications folder (on macOS, you have to move it into the Applications folder when you complete the installation process).`
The documentation inaccurately states, `on macOS it is in the Applications folder (on macOS, you have to move it into the Application folder when you complete the installation process).`
A user will be unable to find the Tor-Browser Data folder in `/Applications` because the Tor-Browser Data folder does not install in `/Applications`.
By default, the Tor-Browser Data folder installs in `~/Library/Application Support`.
And, by default, TorBrowser.app installs in `~/Applications`.
----
Duplicate the issue:
Per the inaccurate and confusing language pertaining to macOS in the documentation , a user moves the Tor-Browser Data folder to `/Applications`.
When the user quits and restarts Tor Browser, no Tor-Browser Data folder is present in its default location `~/Library/Application Support`; thus, Tor Browser.app installs a new instance of the Tor-Browser Data folder in `~/Library/Application Support`.
The computer now has two separate and simultaneous instances of the Tor-Browser Data folder.
One Tor-Browser Data folder is in `/Applications`, and the other Tor-Browser Data folder is in `~/Library/Application Support`.
----
To avoid the possibility of confusing or misleading users into mistaken attempts to use Tor Browser with two separate and simultaneous instances of the Tor-Browser Data folder, we should change the inaccurate and misleading language pertaining to macOS in the referenced documentation to reflect something like the following:
`On macOS, by default, your Tor-Browser Data folder installs in ~/Library/Application Support. On macOS, by default, your TorBrowser.app installs in /Applications. To uninstall Tor Browser, delete your Tor-Browser Data folder and delete your TorBrowser.app.`
**Trac**:
**Username**: monmireColin ChildsColin Childshttps://gitlab.torproject.org/legacy/trac/-/issues/30444Tor Browser Downloads page https://2019.www.torproject.org/projects/torbrowse...2020-06-13T17:28:07ZTracTor Browser Downloads page https://2019.www.torproject.org/projects/torbrowser.html has no links to download latest version: Tor Browser 8.0.9Tor Browser Downloads page https://2019.www.torproject.org/projects/torbrowser.html has links to download Tor Browser previous version: 8.0.8, but should have links to download latest version: 8.0.9.
**Trac**:
**Username**: monmireTor Browser Downloads page https://2019.www.torproject.org/projects/torbrowser.html has links to download Tor Browser previous version: 8.0.8, but should have links to download latest version: 8.0.9.
**Trac**:
**Username**: monmireHiroHirohttps://gitlab.torproject.org/legacy/trac/-/issues/30010In the list of onion services run by the Tor Project, can we add an onion add...2020-06-13T17:27:52ZTracIn the list of onion services run by the Tor Project, can we add an onion address that has the same content as https://2019.www.torproject.org/docs/pluggable-transports.html.enhttp://expyuzz4wqqyqhjn.onion/docs/pluggable-transports.html.en
opens the page at
https://2019.www.torproject.org/docs/pluggable-transports.html.en
Can we have http://expyuzz4wqqyqhjn.onion/docs/pluggable-transports.html.en open...http://expyuzz4wqqyqhjn.onion/docs/pluggable-transports.html.en
opens the page at
https://2019.www.torproject.org/docs/pluggable-transports.html.en
Can we have http://expyuzz4wqqyqhjn.onion/docs/pluggable-transports.html.en open an onion address that has the same content as https://2019.www.torproject.org/docs/pluggable-transports.html.en
**Trac**:
**Username**: monmirehttps://gitlab.torproject.org/legacy/trac/-/issues/29944In the onion.torproject.org list of onion services run by the Tor Project, ca...2020-06-13T17:27:49ZTracIn the onion.torproject.org list of onion services run by the Tor Project, can we add an onion address that opens a Tor: Mirrors onion page?Indeed, `https://2019.www.torproject.org/getinvolved/mirrors.html.en` directly opens the Tor: Mirrors https page, but, alas, no Tor: Mirrors onion address appears in the `https://onion.torproject.org/` list of onion services run by the T...Indeed, `https://2019.www.torproject.org/getinvolved/mirrors.html.en` directly opens the Tor: Mirrors https page, but, alas, no Tor: Mirrors onion address appears in the `https://onion.torproject.org/` list of onion services run by the Tor Project.
At some point in the recent past, did not the onion address `http://4bflp2c4tnynnbes.onion/#website-mirror` directly open a Tor: Mirrors onion page?
If not, can we add a Tor: Mirrors onion address to the `https://onion.torproject.org/` list of onion services run by the Tor Project?
Today, `http://4bflp2c4tnynnbes.onion/#website-mirror` directly opens the `How can we help? Most Frequently Asked Question | When I use Tor Browser, will anyone be able to tell which websites I visit?` page, where you can select `Topics Misc` to go to the first page of the `Tor Glossary`, from where you have to scroll down 19 pages to see the `website mirror` section, which contains the Tor: Mirrors address `https://2019.www.torproject.org/getinvolved/mirrors.html.en`, not a `Tor: Mirrors onion address`.
**Trac**:
**Username**: monmireHiroHirohttps://gitlab.torproject.org/legacy/trac/-/issues/29929http://expyuzz4wqqyqhjn.onion/docs/pluggable-transports.html.en link previous...2020-06-13T17:27:45ZTrachttp://expyuzz4wqqyqhjn.onion/docs/pluggable-transports.html.en link previously worked, but now it is broken.`http://expyuzz4wqqyqhjn.onion/docs/pluggable-transports.html.en`
Not Found The requested URL /docs/pluggable-transports.html.en was not found on this server.
**Trac**:
**Username**: monmire`http://expyuzz4wqqyqhjn.onion/docs/pluggable-transports.html.en`
Not Found The requested URL /docs/pluggable-transports.html.en was not found on this server.
**Trac**:
**Username**: monmirehttps://gitlab.torproject.org/legacy/trac/-/issues/29915Broken link www.torproject.org/docs/bridges.html.en#PluggableTransports requi...2020-06-13T17:27:43ZTracBroken link www.torproject.org/docs/bridges.html.en#PluggableTransports requires www.2019.torproject to connect.https://www.torproject.org/docs/pluggable-transports
Not Found The requested URL /docs/pluggable-transports.html.en was not found on this server.
**Trac**:
**Username**: monmirehttps://www.torproject.org/docs/pluggable-transports
Not Found The requested URL /docs/pluggable-transports.html.en was not found on this server.
**Trac**:
**Username**: monmireHiroHirohttps://gitlab.torproject.org/legacy/trac/-/issues/29914https://www.torproject.org/getinvolved/mirrors.html.en requires www.2019.http...2020-06-13T17:27:43ZTrachttps://www.torproject.org/getinvolved/mirrors.html.en requires www.2019.https to connect; corresponding "Tor: mirrors" onionsite is missing.https://www.torproject.org/getinvolved/mirrors.html.en renders the following message:
Not Found The requested URL /getinvolved/mirrors.html.en was not found on this server.
http://4bflp2c4tnynnbes.onion/#website-mirror No link in this...https://www.torproject.org/getinvolved/mirrors.html.en renders the following message:
Not Found The requested URL /getinvolved/mirrors.html.en was not found on this server.
http://4bflp2c4tnynnbes.onion/#website-mirror No link in this page appears to go to Tor: mirrors onion page or to Tor: mirrors https page.
**Trac**:
**Username**: monmireHiroHirohttps://gitlab.torproject.org/legacy/trac/-/issues/30891check.torproject.org is unreachable commonly, regularly, frequently, persiste...2020-06-13T17:13:45ZTraccheck.torproject.org is unreachable commonly, regularly, frequently, persistently, and intermittentlyThis is a common, regular, frequent, persistent, intermittent, and ongoing issue that I first noticed, as I recall, beginning at least 6 or more months ago, frequently driving me to rely on 3rd-party sites to check the IP address of the ...This is a common, regular, frequent, persistent, intermittent, and ongoing issue that I first noticed, as I recall, beginning at least 6 or more months ago, frequently driving me to rely on 3rd-party sites to check the IP address of the exit relay.
Attempts to connect to https://check.torproject.org/ remain stuck commonly, regularly, frequently, persistently, and intermittently at "Performing a TLS handshake to check.torproject.org...", remaining stuck for up to about 120 seconds, more or less, before the page renders the following message:
"Secure Connection Failed. The connection to check.torproject.org was interrupted while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. Learn more…Try Again"
At other times, attempts to connect to https://check.torproject.org/ commonly, regularly, frequently, persistently, and intermittently show the following page message:
"The connection has timed out. The server at check.torproject.org is taking too long to respond. The site could be temporarily unavailable or too busy. Try again in a few moments. If you are unable to load any pages, check your computer’s network connection. If your computer or network is protected by a firewall or proxy, make sure that Tor Browser is permitted to access the Web. Try Again"
At other times, attempts to connect to https://check.torproject.org/ intermittently will establish a successful, timely, and satisfying connection with [Tor Check](https://check.torproject.org/).
Let's improve the [Tor Check](https://check.torproject.org/) connection and configuration so that users will experience a consistently reliable, successful, and timely connection.
**Trac**:
**Username**: monmireArlo BreaultArlo Breaulthttps://gitlab.torproject.org/legacy/trac/-/issues/31896Bad instructions in Support Portal, "How can I verify Tor Browser's signature...2020-06-13T17:12:31ZTracBad instructions in Support Portal, "How can I verify Tor Browser's signature?", discourage, deter, and prevent users on macOS from verifying the Signature of downloaded Tor Browser packagesPlatform: Tor Browser 8.5.5 on macOS Mojave 10.14.6
Users on macOS who rely solely on and adhere to the crucial Support Portal instructions currently appearing in [How can I verify Tor Browser's signature?](https://support.torproject.or...Platform: Tor Browser 8.5.5 on macOS Mojave 10.14.6
Users on macOS who rely solely on and adhere to the crucial Support Portal instructions currently appearing in [How can I verify Tor Browser's signature?](https://support.torproject.org/tbb/how-to-verify-signature/) never will be able to use the Tor Browser Developer's signing key to verify the Signature of a downloaded Tor Browser package.
"How can I verify Tor Browser's signature?" instructions contain misinformed, inaccurate, and incomplete instructions for users on macOS needing to use the Tor Developer's Signing key (".asc" file) to verify the Signature of a downloaded Tor Browser package (".dmg" file).
The crucial "How can I verify Tor Browser's signature?" instructions for users on Windows and GNU/Linux to verify the Signature of a downloaded Tor Browser package DO NOT WORK for users on macOS.
The current "How can I verify Tor Browser's signature?" documentation instructs users on macOS, Windows, and GNU/Linux, to enter a command with `gpgv --keyring ./tor.keyring` in the command line, and the command looks something like the following command to verify the Signature of a downloaded Tor Browser package, but a command with `gpgv --keyring ./tor.keyring` in the command line DOES NOT WORK for users on macOS:
`gpgv --keyring ./tor.keyring ~/Downloads/TorBrowser-8.5.4-osx64_en-US.dmg{.asc,}`
For users on macOS, the preceding command or other similar command using `gpgv --keyring ./tor.keyring` in the command line returns the following message:
`gpgv: keyblock resource './tor.keyring': No such file or directory`
`gpgv: no valid OpenPGP data found.`
`gpgv: the signature could not be verified.`
`Please remember that the signature file (.sig or .asc)`
`should be the first file given on the command line.`
For users on macOS, attempts to verify the Signature of a downloaded Tor Browser package by using `gpgv --keyring .\tor.keyring` in the command line will fail.
For users on macOS, the `gpg --verify` command must appear in the command line for verification of the Signature of a downloaded Tor Browser package to be successful. The example below assumes the user has downloaded the Tor Browser package (".dmg") file and the PGP Signature (".asc") file to the "Downloads" folder.
Users on macOS use the command with the following form, and `gpg --verify` appears in the command line to verify the Signature of a downloaded Tor Browser package:
`gpg --verify ~/Downloads/TorBrowser-8.5.5-osx64_en-US.dmg.asc /Downloads/TorBrowser-8.5.5-osx64_en-US.dmg`
For users on macOS, the `TorBrowser-8.5.5-osx64_en-US.dmg.asc` entry must precede the `TorBrowser-8.5.5-osx64_en-US.dmg` entry on the command line; the preceding command successfully verifies the Signature of the downloaded Tor Browser package by returning the following message:
`gpg: Signature made Tue Sep 3 06:07:30 2019 PDT`
`gpg: using RSA key EB774491D9FF06E2`
`gpg: Good signature from "Tor Browser Developers (signing key) <torbrowser@torproject.org>"`
"How can I verify Tor Browser's signature?" instructions should be edited accordingly and should have the additional instructions below necessary for users on macOS relying solely on "How can I verify Tor Browser's signature?" instructions to use the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package.
----
In the subsection "Fetching the Tor Developers key" in "How can I verify Tor Browser's signature?, the content should present something like the following instructions for the benefit of all users on macOS:
The Tor Browser team signs Tor Browser releases.
Import the Tor Browser Developers signing key (0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290):
`gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org`
After importing the Tor Browser Developers signing key, users can take the additional step of saving it to a file by entering the following command:
`gpg --output ./tor.keyring --export 0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290`
On macOS, by default, the preceding export command saves the Tor Browser Developers key in the following file:
`~/Users/<user name>/tor.keyring`
----
For users on macOS, the subsection "Verifying the signature" in "How can I verify Tor Browser's signature?" contains misinformed and incomplete instructions. These instructions should be edited for the benefit of users on macOS and should include the additional instructions below, crucial for users on macOS relying solely on "How can I verify Tor Browser's signature?" instructions to use the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package.
The "Verifying the signature" subsection presently contains the following information, which confusingly applies the information to users on Windows, GNU/Linux, and macOS, but in reality the information does not apply accurately to users on macOS:
Each file on our download page is accompanied by a file with the same name as the package and the extension ".asc"
The preceding inaccurate information causes confusion for users on macOS and acts as a deterrent and a stumbling block for users on macOS, thereby discouraging, thwarting, or preventing users on macOS from using the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package.
In the subsection "Verifying the signature?" in "How can I verify Tor Browser's signature?", something that looks like the following content justifiably merits inclusion in the instructions so that users on macOS relying solely on "How can I verify Tor Browser's signature?" instructions can receive the crucial benefit of using the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package:
After a macOS user downloads the Tor Browser package (".dmg" file), the user downloads the Signature file corresponding with the downloaded Tor Browser installer package.
For users on macOS, on the Tor Browser [Download page](https://www.torproject.org/download/), clicking on the "Sig" or "(sig)" link that corresponds with the downloaded Tor Browser package will open an additional tab in the Tor Browser window, and the window content will include only a block of text, which is the PGP Signature itself.
Users on macOS must save the block of text (the PGP Signature) as an ".asc" file.
In the Tor Browser menu bar, users on macOS select "File > Save Page As", which will open a Finder-save window.
In the Finder-save window, a file name that looks something like `TorBrowser-8.5.5-osx64_en-US.dmg.asc`, will self-populate in the space bar on the right side of "Save As:".
If the name of the self-populated file looks something like `TorBrowser-8.5.5-osx64_en-US.dmg`, the user must type ".asc" file extension at the end of the file name to make it look something like `TorBrowser-8.5.5-osx64_en-US.dmg.asc`.
In the Finder-save window, the user selects a folder to save the Signature (".asc") file and saves it in the same folder where the downloaded Tor Browser package (".dmg") file was saved, e.g., in the "Desktop" folder or the "Downloads" folder.
The user customarily always should save the PGP Signature (".asc") file in the same folder where the user saved the downloaded Tor Browser package (".dmg" file).
The downloaded Tor Browser package itself will have a file name that looks something like `TorBrowser-8.5.5-osx64_en-US.dmg`.
----
The important content below justifiably merits inclusion in the instructions in the "How can I verify Tor Browser's signature?" section for users on macOS to use the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package.
For users on macOS who have installed GPGTools and have imported the Tor Browser Developers key into GPG Keychain, the following instructions allow users to verify the Signature of each downloaded Tor Browser package quickly without having to use terminal commands each time the user downloads a fresh updated or upgraded Tor Browser package (".dmg file) and its corresponding Signature ("Sig") file:
When the downloaded Tor Browser package (".dmg") file and its corresponding Signature (".asc") file are saved in the same folder, users on macOS can double-click on the ".asc" file to open the "Verification Results" window. A successful verification will display in the "Verification Results" window a message that looks something like the following:
`TorBrowser-8.5.5-osx64_en-US.dmg.asc Signed by: Tor Browser Developers (signing key) <torbrowser@torproject.org> (1107 75B5 D101 FB36 BC6C 911B EB77 4491 D9FF 06E2) - Ultimate trust`
The term "Ultimate trust" will appear at the end of the preceding message only if the user on macOS has assigned "Ownertrust: Ultimate" in GPG Keychain > pub...Tor Browser Developers...4E2C 6E87 9329 8290 > Key Details > Key.
Before assigning "Ultimate trust", it is crucial for users on macOS to confirm that the Key Fingerprint and Subkey Fingerprint appearing in the GPG Keychain window match the corresponding Key Fingerprint and Subkey Fingerprint appearing in the official Tor Project [list of signing keys](https://2019.www.torproject.org/docs/signing-keys.html.en).
----
After the "How can I verify Tor Browser's signature? instructions are edited as described, users on macOS who rely solely on "How can I verify Tor Browser's signature?" documentation will be able to use the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package, thereby reducing the chances of users on macOS unknowingly or unwittingly installing Tor Browser packages that might contain corrupted files and/or malware.
Shouldn't we make it both possible and easier for all users, including users on macOS, to verify Tor Browser's signature?
In the "How can I verify Tor Browser's signature?" section, can we edit the instructions as described so users on macOS relying solely on "How can I verify Tor Browser's signature?" documentation can use the Tor Browser Developer's signing key to verify the Signature each time a user on macOS downloads a fresh Tor Browser package.
[#31296 reopened defect](https://trac.torproject.org/projects/tor/ticket/31296)
[#31254 closed defect (fixed)](https://trac.torproject.org/projects/tor/ticket/31254)
**Trac**:
**Username**: monmirePili GuerraPili Guerrahttps://gitlab.torproject.org/legacy/trac/-/issues/31254Tor Support Portal "How can I verify Tor Browser's signature" has inaccurate ...2020-06-13T17:12:29ZTracTor Support Portal "How can I verify Tor Browser's signature" has inaccurate instructions that can prevent signature verification of Tor BrowserAt https://support.torproject.org/tbb/how-to-verify-signature/,
the subsection `macOS and Linux" / For macOS users`
presents instructions to mac OS users to run terminal command
`gpg --verify ~/Downloads/TorBrowser-8.0.8-osx64_en-US...At https://support.torproject.org/tbb/how-to-verify-signature/,
the subsection `macOS and Linux" / For macOS users`
presents instructions to mac OS users to run terminal command
`gpg --verify ~/Downloads/TorBrowser-8.0.8-osx64_en-US.dmg{.asc,} `
On macOS, running that command returns terminal output
`gpg: no valid OpenPGP data found.`
`gpg: the signature could not be verified.`
`Please remember that the signature file (.sig or .asc)`
`should be the first file given on the command line.`
However, running terminal command
`gpg --verify ~/Downloads/{.asc,} TorBrowser-8.0.8-osx64_en-US.dmg`
returns terminal output
`gpg: Signature made Mon Jul 8 03:56:12 2019 PDT`
`gpg: using RSA key EB774491D9FF06E2`
`gpg: Good signature from "Tor Browser Developers (signing key) <torbrowser@torproject.org>"`
----
If we instruct new Tor Browser users, who might become discouraged by the terminal return
`gpg: no valid OpenPGP data found.`
`gpg: the signature could not be verified.`
`Please remember that the signature file (.sig or .asc)`
`should be the first file given on the command line.`
to instead run terminal command
`gpg --verify ~/Downloads/{.asc,} TorBrowser-8.0.8-osx64_en-US.dmg`,
perhaps more Tor Browser users with less experience might complete a proper verification of Tor Browser's signature, and Tor Browser might gain more new users.
**Trac**:
**Username**: monmireGusGushttps://gitlab.torproject.org/legacy/trac/-/issues/29329Vidalia 0.2.21 failing to uninstall2020-06-13T16:56:23ZTracVidalia 0.2.21 failing to uninstallI used Vidalia 0.2.21 on my device long ago, the device has sat unused for quite a while. I turned on the device recently and attempted to uninstall vialia in the conventional windows 7 fashion. upon completion of the uninstall process v...I used Vidalia 0.2.21 on my device long ago, the device has sat unused for quite a while. I turned on the device recently and attempted to uninstall vialia in the conventional windows 7 fashion. upon completion of the uninstall process vidalia failed to uninstall. I am not a computer genius. please help. send nachos.
**Trac**:
**Username**: wo6Bd12https://gitlab.torproject.org/legacy/trac/-/issues/10309TorBirdy - IMAP issue2013-12-27T03:14:23ZTracTorBirdy - IMAP issuePart of discussion on tor-dev mail list.
----------------
Accessing an email server via IMAP may leak data by saving a draft on
the remote server.
Using Thunderbird+Enigmail+Torbirdy.
While writing a message on Thunderbird, it is au...Part of discussion on tor-dev mail list.
----------------
Accessing an email server via IMAP may leak data by saving a draft on
the remote server.
Using Thunderbird+Enigmail+Torbirdy.
While writing a message on Thunderbird, it is automatically saved as a
draft, which by default is sent to the IMAP server. So the server will
be able to read that message.
That's a big problem when the message should be encrypted before sent.
So the email provider will be able to read sensitive data on those
drafts in cleartext and the user probably won't notice.
To solve this the user need to manually set the account drafts
settings (in Copies & Folders) to keep drafts on Local Folders.
I think Torbirdy should do it by default.
This info should be added to known issues on Torbirdy wiki.
I know Torbirdy developers recommend POP over IMAP, but as a
mailtor.net user I don't have any other option.
----------------
I've checked it again. Write, wait it to be saved, close and open your
email via web-mail. And thats my draft in cleartext on mailtor.net server:
> Testing draft.
>
> Icedove 17.0.10 Enigmail 1.6 TorBirdy 0.1.2
>
> That's it.
Nima Fatemi:
> It doesn't have anything to do with TorBirdy.
I did not say it is TorBirdy fault.
But yes it has everything to do with TorBirdy. It is an anonymity and
security tool and tries avoid leaks. Maybe you just don't see it as a
leak.
Anyway the users must know it may happen.
> All you really have to do, is to have Encryption on by default in
> Enigmail. Your drafts are now going to be encrypted. Problem
> solved!
Sukhbir Singh:
> By default, Enigmail saves an encrypted copy of the message. This
> is the default setting [1] and I think it also confirms this when
> it saves an encrypted message for the first time. TorBirdy does
> not modify this setting so it should be enabled by default for
> Enigmail.
Enigmail asks to save an encrypted draft *only when you enable
encryption* to that message. If you forget to set the encryption and
write it will be saved in cleartext without asking anything.
When you are sending the email Enigmail asks if you really wanna send
unencrypted, but the draft already have been sent unencrypted on the
IMAP server.
Enigmail should ask *always* when saving a draft remotely. Even
locally it should.
And TorBirdy should help prevent this to happen.
griffin@cryptolab.net:
> Now Thunderbird is set to *not* automatically create/save drafts.
> Works like a charm. =)
That should be default set by both Enigmail and TorBirdy.
Also should set to save locally, instead of remotely, if the user
wants to save a draft.
**Trac**:
**Username**: arkmdSukhbir SinghSukhbir Singh