為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

此討論串已經關閉並封存。 如果您有需要幫助,請新增一個新問題

Encryption - email account with no key can access encrypted email?

  • 10 回覆
  • 1 有這個問題
  • 1 次檢視
  • 最近回覆由 Matt

more options

I've set up 3 email accounts on Thunderbird on a single computer.

I've set up 2 of them with each other's keys to send and receive encrypted emails.

However, the third email account has no key at all but can still read encrypted emails by pressing the "Repair Message" button.

Thunderbird won't let you encrypt a message unless at least one of the recipients of an email has a key. However, if another recipient doesn't have a key, that recipient will still receive the encrypted message but can open it as explained above.

Have I done something wrong? I thought the receiver without the key should not be able to open the encrypted email. If they can open it, does that mean anyone at any hop along the path of the email can open it?

TIA John

I've set up 3 email accounts on Thunderbird on a single computer. I've set up 2 of them with each other's keys to send and receive encrypted emails. However, the third email account has no key at all but can still read encrypted emails by pressing the "Repair Message" button. Thunderbird won't let you encrypt a message unless at least one of the recipients of an email has a key. However, if another recipient doesn't have a key, that recipient will still receive the encrypted message but can open it as explained above. Have I done something wrong? I thought the receiver without the key should not be able to open the encrypted email. If they can open it, does that mean anyone at any hop along the path of the email can open it? TIA John

所有回覆 (10)

more options

Is this using s/mime or PGP and enigmail?

more options

Hi Matt,

I'm using PGP and enigmail.

more options

Well I assume it's using PGP and Enigmail. I downloaded the PGP package and added the Enigmail extension to Thunderbird.

more options

I think the problem was that I was trying to test it all on the same machine. When I tested an email to a different host they were not able to decrypt the message.

Thanks.

more options

one instance of Thunderbird with three email accounts will certainly have access to the encryption keys for all accounts. They are not doled out per account.

more options

Yes, Thanks Matt!

more options

Matt said

one instance of Thunderbird with three email accounts will certainly have access to the encryption keys for all accounts. They are not doled out per account.

If this is true, it is a really, really faulty design.

more options

r_avital said

Matt said
one instance of Thunderbird with three email accounts will certainly have access to the encryption keys for all accounts. They are not doled out per account.

If this is true, it is a really, really faulty design.

It is true and personally I see no fault in the design. You might, but really it is not relevant in the context of this question what you think is faulty.

more options

And here I was under the impression, apparently mistaken, that as long as the language is kept clean and courteous, criticism, including of the design of TB, was allowed and legitimate. Respectfully, what is relevant to you is not relevant to me. Whatever, me wrong you right have a nice day.

more options

Locking this spam generating topic.