mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2024-12-22 06:05:11 -05:00
Fix inconsistencies on email pages (#1393)
parent
81c2abd931
commit
05353aca85
@ -17,7 +17,7 @@ Even if you use OpenPGP, it does not support [forward secrecy](https://en.wikipe
|
|||||||
|
|
||||||
### What Email Clients Support E2EE?
|
### What Email Clients Support E2EE?
|
||||||
|
|
||||||
Email providers which allow you to use standard access protocols like IMAP and SMTP can be used with any of the [email clients we recommend](../email-clients.md). This can be less secure as you are now relying on email providers to ensure that their encryption implementation works and has not been compromised in anyway.
|
Email providers which allow you to use standard access protocols like IMAP and SMTP can be used with any of the [email clients we recommend](../email-clients.md). Depending on the authentication method, this may lead to the decrease security if either the provider or the email client does not support OATH or a bridge application as [multi-factor authentication](/basics/multi-factor-authentication/) is not possible with plain password authentication.
|
||||||
|
|
||||||
### How Do I Protect My Private Keys?
|
### How Do I Protect My Private Keys?
|
||||||
|
|
||||||
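Review bot: The replacement paragraph under "What Email Clients Support E2EE?" says "does not support OATH", which looks like a typo for OAuth. The sentence is about how an IMAP/SMTP client authenticates to the provider, whereas OATH is the initiative behind HOTP/TOTP. The same line has a grammar slip, "may lead to the decrease security", which should read "may lead to decreased security". The multi-factor link uses a root-absolute path (`/basics/multi-factor-authentication/`) while the email clients link in the same sentence is relative (`../email-clients.md`); use one style. The rewrite also drops the old caveat about relying on the provider's encryption implementation; if that removal is intended, say so in the commit message.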
@ -39,4 +39,6 @@ Email metadata is protected from outside observers with [Opportunistic TLS](http
|
|||||||
|
|
||||||
Email metadata is crucial to the most basic functionality of email (where it came from, and where it has to go). E2EE was not built into the email protocols originally, instead requiring add-on software like OpenPGP. Because OpenPGP messages still have to work with traditional email providers, it cannot encrypt email metadata, only the message body itself. That means that even when using OpenPGP, outside observers can see lots of information about your messages, such as who you're emailing, the subject lines, when you're emailing, etc.
|
Email metadata is crucial to the most basic functionality of email (where it came from, and where it has to go). E2EE was not built into the email protocols originally, instead requiring add-on software like OpenPGP. Because OpenPGP messages still have to work with traditional email providers, it cannot encrypt email metadata, only the message body itself. That means that even when using OpenPGP, outside observers can see lots of information about your messages, such as who you're emailing, the subject lines, when you're emailing, etc.
|
||||||
|
|
||||||
|
## Email provider security
|
||||||
|
|
||||||
--8<-- "includes/abbreviations.en.md"
|
--8<-- "includes/abbreviations.en.md"
|
||||||
|
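Review bot: The added heading "## Email provider security" has no body. The next line in the hunk is the `--8<-- "includes/abbreviations.en.md"` include, so the page would end with an empty section. Add the section's text in this commit or hold the heading back until the content exists. The heading is also in sentence case, while the headings in the first hunk ("What Email Clients Support E2EE?", "How Do I Protect My Private Keys?") are in title case.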
@ -326,12 +326,12 @@ We regard these features as important in order to provide a safe and optimal ser
|
|||||||
**Minimum to Qualify:**
|
**Minimum to Qualify:**
|
||||||
|
|
||||||
- Encrypts email account data at rest with zero-access encryption.
|
- Encrypts email account data at rest with zero-access encryption.
|
||||||
- Integrated webmail E2EE/PGP encryption provided as a convenience.
|
|
||||||
|
|
||||||
**Best Case:**
|
**Best Case:**
|
||||||
|
|
||||||
- Encrypts all account data (Contacts, Calendars etc) at rest with zero-access encryption.
|
- Encrypts all account data (Contacts, Calendars etc) at rest with zero-access encryption.
|
||||||
- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy etc.
|
- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy etc.
|
||||||
|
- Integrated webmail E2EE/PGP encryption provided as a convenience.
|
||||||
- Support for [WKD](https://wiki.gnupg.org/WKD) to allow improved discovery of public OpenPGP keys via HTTP.
|
- Support for [WKD](https://wiki.gnupg.org/WKD) to allow improved discovery of public OpenPGP keys via HTTP.
|
||||||
GnuPG users can get a key by typing: `gpg --locate-key example_user@example.com`
|
GnuPG users can get a key by typing: `gpg --locate-key example_user@example.com`
|
||||||
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
|
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
|
||||||
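Review bot: Moving "Integrated webmail E2EE/PGP encryption provided as a convenience." from Minimum to Qualify to Best Case leaves zero-access encryption at rest as the only minimum item visible in this list. That relaxes a requirement rather than fixing an inconsistency, so the commit message should state the reason. It is also worth confirming that the providers evaluated against these criteria are still described accurately once this is optional.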
@ -362,7 +362,7 @@ Email servers deal with a lot of very sensitive data. We expect that providers w
|
|||||||
**Minimum to Qualify:**
|
**Minimum to Qualify:**
|
||||||
|
|
||||||
- Protection of webmail with 2FA, such as TOTP.
|
- Protection of webmail with 2FA, such as TOTP.
|
||||||
- Encryption at rest, (e.g. [dm-crypt](https://en.wikipedia.org/wiki/dm-crypt)) this protects the contents of the servers in case of unlawful seizure.
|
- Zero access encryption, builds on encryption at rest. The provider does not have the decryption keys to the data they hold. This prevents a rogue employee leaking data they have access to or remote adversary from releasing data they have stolen by gaining unauthorized access to the server.
|
||||||
- [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) support.
|
- [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) support.
|
||||||
- No [TLS](https://en.wikipedia.org/wiki/Opportunistic_TLS) errors/vulnerabilities when being profiled by tools such as [Hardenize](https://www.hardenize.com), [testssl.sh](https://testssl.sh) or [Qualys SSL Labs](https://www.ssllabs.com/ssltest), this includes certificate related errors, poor or weak ciphers suites, weak DH parameters such as those that led to [Logjam](https://en.wikipedia.org/wiki/Logjam_(computer_security)).
|
- No [TLS](https://en.wikipedia.org/wiki/Opportunistic_TLS) errors/vulnerabilities when being profiled by tools such as [Hardenize](https://www.hardenize.com), [testssl.sh](https://testssl.sh) or [Qualys SSL Labs](https://www.ssllabs.com/ssltest), this includes certificate related errors, poor or weak ciphers suites, weak DH parameters such as those that led to [Logjam](https://en.wikipedia.org/wiki/Logjam_(computer_security)).
|
||||||
- A valid [MTA-STS](https://tools.ietf.org/html/rfc8461) and [TLS-RPT](https://tools.ietf.org/html/rfc8460) policy.
|
- A valid [MTA-STS](https://tools.ietf.org/html/rfc8461) and [TLS-RPT](https://tools.ietf.org/html/rfc8460) policy.
|
||||||
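Review bot: The new Minimum to Qualify bullet says zero-access encryption "builds on encryption at rest", but this hunk deletes the bullet that defined encryption at rest (the dm-crypt example and the unlawful-seizure rationale), so the phrase no longer refers to anything in the list. Keep the encryption-at-rest bullet next to the new one, or fold its rationale into the new bullet. The added sentence is also missing an article: "or remote adversary" should read "or a remote adversary". Finally, this bullet overlaps with the minimum in the hunk at line 326 ("Encrypts email account data at rest with zero-access encryption."); state the requirement once and reference it from the other list.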
@ -378,7 +378,6 @@ Email servers deal with a lot of very sensitive data. We expect that providers w
|
|||||||
**Best Case:**
|
**Best Case:**
|
||||||
|
|
||||||
- Support for hardware authentication, ie U2F and [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn). U2F and WebAuthn are more secure as they use a private key stored on a client-side hardware device to authenticate people, as opposed to a shared secret that is stored on the web server and on the client side when using TOTP. Furthermore, U2F and WebAuthn are more resistant to phishing as their authentication response is based on the authenticated [domain name](https://en.wikipedia.org/wiki/Domain_name).
|
- Support for hardware authentication, ie U2F and [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn). U2F and WebAuthn are more secure as they use a private key stored on a client-side hardware device to authenticate people, as opposed to a shared secret that is stored on the web server and on the client side when using TOTP. Furthermore, U2F and WebAuthn are more resistant to phishing as their authentication response is based on the authenticated [domain name](https://en.wikipedia.org/wiki/Domain_name).
|
||||||
- Zero access encryption, builds on encryption at rest. The difference being the provider does not have the decryption keys to the data they hold. This prevents a rogue employee leaking data they have access to or remote adversary from releasing data they have stolen by gaining unauthorized access to the server.
|
|
||||||
- [DNS Certification Authority Authorization (CAA) Resource Record](https://tools.ietf.org/html/rfc6844) in addition to DANE support.
|
- [DNS Certification Authority Authorization (CAA) Resource Record](https://tools.ietf.org/html/rfc6844) in addition to DANE support.
|
||||||
- Implementation of [Authenticated Received Chain (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain), this is useful for people who post to mailing lists [RFC8617](https://tools.ietf.org/html/rfc8617).
|
- Implementation of [Authenticated Received Chain (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain), this is useful for people who post to mailing lists [RFC8617](https://tools.ietf.org/html/rfc8617).
|
||||||
- Bug-bounty programs and/or a coordinated vulnerability-disclosure process.
|
- Bug-bounty programs and/or a coordinated vulnerability-disclosure process.
|
||||||
|