From: Conor Dooley <[email protected]>
Proton Mail automatically picks up PGP keys for those with kernel.org
accounts (and other domains!) which provide WKD for their users & uses
them to encrypt emails, including patches.
Document the behaviour & Proton Mail's unsuitability for kernel
development.
Signed-off-by: Conor Dooley <[email protected]>
---
Documentation/process/email-clients.rst | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/Documentation/process/email-clients.rst b/Documentation/process/email-clients.rst
index fc2c46f3f82d..c448f2814b84 100644
--- a/Documentation/process/email-clients.rst
+++ b/Documentation/process/email-clients.rst
@@ -350,3 +350,18 @@ although tab2space problem can be solved with external editor.
Another problem is that Gmail will base64-encode any message that has a
non-ASCII character. That includes things like European names.
+
+Proton Mail
+***********
+
+Proton Mail has a "feature" where it looks up keys using Web Key Directory
+(WKD) and encrypts mail to any email recipients for which it finds a key.
+Kernel.org publishes the WKD for all developers who have kernel.org accounts.
+As a result, emails sent using Proton Mail to kernel.org addresses will be
+encrypted.
+Unfortunately, Proton Mail does not provide a mechanism to disable the
+automatic encryption, viewing it as a privacy feature.
+This affects mail sent from their web GUI, from other mail clients using their
+mail "bridge", as well as patches sent using ``git send-email``.
+Unless a way to disable this "feature" is introduced, Proton Mail is unsuited
+to kernel development.
--
2.38.1
On 12/28/22 07:03, Conor Dooley wrote:
> +
> +Proton Mail
> +***********
> +
> +Proton Mail has a "feature" where it looks up keys using Web Key Directory
> +(WKD) and encrypts mail to any email recipients for which it finds a key.
> +Kernel.org publishes the WKD for all developers who have kernel.org accounts.
> +As a result, emails sent using Proton Mail to kernel.org addresses will be
> +encrypted.
> +Unfortunately, Proton Mail does not provide a mechanism to disable the
> +automatic encryption, viewing it as a privacy feature.
> +This affects mail sent from their web GUI, from other mail clients using their
> +mail "bridge", as well as patches sent using ``git send-email``.
> +Unless a way to disable this "feature" is introduced, Proton Mail is unsuited
> +to kernel development.
All mails sent via Proton Mail SMTP relay? Also, why is sending encrypted emails
to public mailing lists (like LKML) not a good idea?
Thanks.
--
An old man doll... just what I always wanted! - Clara
+CC Joe & Alexander, who were the ones that had the problem.
On Wed, Dec 28, 2022 at 07:33:53PM +0700, Bagas Sanjaya wrote:
> On 12/28/22 07:03, Conor Dooley wrote:
> > +
> > +Proton Mail
> > +***********
> > +
> > +Proton Mail has a "feature" where it looks up keys using Web Key Directory
> > +(WKD) and encrypts mail to any email recipients for which it finds a key.
> > +Kernel.org publishes the WKD for all developers who have kernel.org accounts.
> > +As a result, emails sent using Proton Mail to kernel.org addresses will be
> > +encrypted.
> > +Unfortunately, Proton Mail does not provide a mechanism to disable the
> > +automatic encryption, viewing it as a privacy feature.
> > +This affects mail sent from their web GUI, from other mail clients using their
> > +mail "bridge", as well as patches sent using ``git send-email``.
> > +Unless a way to disable this "feature" is introduced, Proton Mail is unsuited
> > +to kernel development.
>
> All mails sent via Proton Mail SMTP relay?
I'm not quite sure what the purpose of your question is, sorry.
When I say "bridge", I mean their program by the same name:
https://proton.me/mail/bridge
When I was using proton, I do not recall being able to send mail using
proton without the bridge, their web GUI or their app.
Perhaps Joe or Alexander are aware of anything that's changed in the
last year.
> Also, why is sending encrypted emails
> to public mailing lists (like LKML) not a good idea?
Is that a real or rhetorical question?
Note that the public mailing list *does not* receive the encrypted
copies of the emails.
Thanks,
Conor.
On Wed, Dec 28, 2022 at 12:03:31AM +0000, Conor Dooley wrote:
> +Proton Mail has a "feature" where it looks up keys using Web Key Directory
> +(WKD) and encrypts mail to any email recipients for which it finds a key.
> +Kernel.org publishes the WKD for all developers who have kernel.org accounts.
> +As a result, emails sent using Proton Mail to kernel.org addresses will be
> +encrypted.
> +Unfortunately, Proton Mail does not provide a mechanism to disable the
> +automatic encryption, viewing it as a privacy feature.
I'd perhaps add a note here that the reason the encryption is a
problem is that developers may not have their mail client set up
for easy and fluid operation with encrypted mail, making the
process of reading the mail needlessly difficult, or it may cause
some mail clients to encrypt replies to everyone including the
list which obviously won't work well. But that's not essential,
either way
Reviewed-by: Mark Brown <[email protected]>
On Wed, Dec 28, 2022 at 12:03:31AM +0000, Conor Dooley wrote:
> +This affects mail sent from their web GUI, from other mail clients using their
> +mail "bridge", as well as patches sent using ``git send-email``.
I suggest a minor tweak to wording here:
The automatic encryption feature is also enabled for mail sent via the
Proton Mail Bridge, so this affects all outgoing messages, including
patches sent with ``git send-email``.
> +Unless a way to disable this "feature" is introduced, Proton Mail is unsuited
> +to kernel development.
Reviewed-by: Konstantin Ryabitsev <[email protected]>
Thanks!
-K