Remove Disroot email recommendation (#1117)

Signed-off-by: Daniel Gray <dng@disroot.org>
This commit is contained in:
Jonah Aragon 2022-05-16 13:13:08 +00:00 committed by Daniel Gray
parent 396a220960
commit fa8e48aa43
No known key found for this signature in database
GPG Key ID: 41911F722B0F9AE3
6 changed files with 12 additions and 57 deletions

File diff suppressed because one or more lines are too long

Before

Width:  |  Height:  |  Size: 7.3 KiB

File diff suppressed because one or more lines are too long

Before

Width:  |  Height:  |  Size: 7.3 KiB

View File

@ -1 +0,0 @@
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 384 298"><path fill="#fff" fill-rule="nonzero" d="M70.761.97C76.184-.66 82.722.258 88.337.258c15.055 0 30.042 2.067 45.011 4.17l3.326.467 1.663.233c45.993 6.411 93.211 18.792 134.996 39.39 17.902 8.824 34.021 20.622 51.004 30.995 14.752 9.01 27.07 19.226 39.039 31.746 6.143 6.427 12.996 13.692 16.496 21.999 4.552 10.803 4.835 25.505 3.026 37-3.916 24.881-23.26 44.954-42.391 59.656-43.041 33.076-99.083 50.141-151.17 62.905-16.984 4.162-35.457 8.411-53 8.439-.975.002-1.973.02-2.979.031l-.672.007-.673.003-.675-.002c-5.62-.04-11.225-.76-14.443-6.133-1.261-2.106-1.85-4.545-2.427-6.906-6.126-25.092 31.664-30.723 30.826-56-.485-14.613-10.464-29.563-15.532-43-9.602-25.457-19.686-51.149-30.76-76-1.418-3.18-2.62-6.472-3.8-9.777l-1.063-2.975c-1.896-5.287-3.886-10.53-6.761-15.323-5.132-8.555-12.664-10.856-22.041-12.196-12.935-1.848-27.059-1.232-40 .22-1.936.218-4.408.635-7.04.947l-.61.07c-7.352.815-15.714.647-17.122-6.97-2.66-14.398 4.373-25.648 14.772-34.901C31.677 13.814 50.274 7.132 70.761.97Zm128.576 103.287c5.051 17.461 11.049 34.665 17.135 51.81l2.15 6.05a3170.29 3170.29 0 0 1 6.41 18.14c4.16 11.926 11.046 23.215 12.131 36 .281 3.305-.307 6.559-.93 9.805l-.248 1.299c-.246 1.298-.48 2.596-.648 3.896 19.663-4.844 47.291-6.374 60.443-24.001 8.448-11.322 9.163-26.261 1.449-37.999-2.234-3.4-5.12-6.116-8.052-8.83l-1.036-.958c-.69-.64-1.38-1.285-2.059-1.943-18.683-18.082-40.608-35.514-64.741-45.669-7.315-3.078-14.033-6.427-22.004-7.6Z"/></svg>

Before

Width:  |  Height:  |  Size: 1.5 KiB

View File

@ -1 +0,0 @@
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 384 298"><path fill="#50162D" fill-rule="nonzero" d="M70.761.97C76.184-.66 82.722.258 88.337.258c15.055 0 30.042 2.067 45.011 4.17l3.326.467 1.663.233c45.993 6.411 93.211 18.792 134.996 39.39 17.902 8.824 34.021 20.622 51.004 30.995 14.752 9.01 27.07 19.226 39.039 31.746 6.143 6.427 12.996 13.692 16.496 21.999 4.552 10.803 4.835 25.505 3.026 37-3.916 24.881-23.26 44.954-42.391 59.656-43.041 33.076-99.083 50.141-151.17 62.905-16.984 4.162-35.457 8.411-53 8.439-.975.002-1.973.02-2.979.031l-.672.007-.673.003-.675-.002c-5.62-.04-11.225-.76-14.443-6.133-1.261-2.106-1.85-4.545-2.427-6.906-6.126-25.092 31.664-30.723 30.826-56-.485-14.613-10.464-29.563-15.532-43-9.602-25.457-19.686-51.149-30.76-76-1.418-3.18-2.62-6.472-3.8-9.777l-1.063-2.975c-1.896-5.287-3.886-10.53-6.761-15.323-5.132-8.555-12.664-10.856-22.041-12.196-12.935-1.848-27.059-1.232-40 .22-1.936.218-4.408.635-7.04.947l-.61.07c-7.352.815-15.714.647-17.122-6.97-2.66-14.398 4.373-25.648 14.772-34.901C31.677 13.814 50.274 7.132 70.761.97Zm128.576 103.287c5.051 17.461 11.049 34.665 17.135 51.81l2.15 6.05a3170.29 3170.29 0 0 1 6.41 18.14c4.16 11.926 11.046 23.215 12.131 36 .281 3.305-.307 6.559-.93 9.805l-.248 1.299c-.246 1.298-.48 2.596-.648 3.896 19.663-4.844 47.291-6.374 60.443-24.001 8.448-11.322 9.163-26.261 1.449-37.999-2.234-3.4-5.12-6.116-8.052-8.83l-1.036-.958c-.69-.64-1.38-1.285-2.059-1.943-18.683-18.082-40.608-35.514-64.741-45.669-7.315-3.078-14.033-6.427-22.004-7.6Z"/></svg>

Before

Width:  |  Height:  |  Size: 1.5 KiB

View File

@ -100,45 +100,6 @@ For everything else, we recommend a variety of email providers based on sustaina
All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
### Disroot
!!! recommendation
![Disroot logo](assets/img/email/disroot.svg#only-light){ align=right }
![Disroot logo](assets/img/email/disroot-dark.svg#only-dark){ align=right }
**Disroot** offers email amongst [other services](https://disroot.org/en/#services). The service is maintained by volunteers and its community. They have been in operation since 2015. Disroot is based in Amsterdam. Disroot is free and uses open source software such as Rainloop to provide service. You can support the service through donations and buying extra storage. The mailbox limit is 1 GB, but extra storage can be purchased 0.15€ per GB per month paid yearly.
**Free**
[Website](https://disroot.org){ .md-button .md-button--primary } [Privacy Policy](https://disroot.org/en/privacy_policy){ .md-button }
??? check "Custom Domains and Aliases"
Disroot lets you use your own domain. They have aliases, however you must [manually apply](https://disroot.org/en/forms/alias-request-form) for them.
??? check "Private Payment Methods"
Disroot accepts Bitcoin and Faircoin as payment methods. They also accept PayPal, direct bank deposit, and Patreon payments. Disroot is a not-for-profit organization that also accepts donations through Liberapay, Flattr, and Monero, but these payment methods cannot be used to purchase services.
??? check "Account Security"
Disroot supports TOTP two factor authentication for webmail only. They do not allow U2F security key authentication.
??? warning "Data Security"
Disroot uses FDE. However, it doesn't appear to be "zero access", meaning it is technically possible for them to decrypt the data they have if it is not additionally encrypted with a tool like OpenPGP.
Disroot also uses the standard [CalDAV](https://en.wikipedia.org/wiki/CalDAV) and [CardDAV](https://en.wikipedia.org/wiki/CardDAV) protocols for calendars and contacts, which do not support E2EE. A [standalone option](calendar-contacts.md) may be more appropriate.
??? check "Email Encryption"
Disroot allows for encrypted emails to be sent from their webmail application using OpenPGP. However, Disroot has not integrated a Web Key Directory (WKD) for email accounts on their platform.
??? info "Additional Functionality"
They offer [other services](https://disroot.org/en/#services) such as NextCloud, XMPP Chat, Etherpad, Ethercalc, Pastebin, Online polls and a Gitea instance. They also have an app [available in F-Droid](https://f-droid.org/packages/org.disroot.disrootapp/).
### Tutanota
!!! recommendation
@ -350,16 +311,16 @@ We regard these features as important in order to provide a safe and optimal ser
**Minimum to Qualify:**
- Encrypts account data at rest.
- Integrated webmail encryption provides convenience to those who want an improvement on having no E2EE.
- Encrypts email account data at rest with zero-access encryption.
- Integrated webmail E2EE/PGP encryption provided as a convenience.
**Best Case:**
- Encrypts account data at rest with zero-access encryption.
- Allow you to use your own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important, because they allow you to maintain your agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy, etc.
- Encrypts all account data (Contacts, Calendars etc) at rest with zero-access encryption.
- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy etc.
- Support for [WKD](https://wiki.gnupg.org/WKD) to allow improved discovery of public OpenPGP keys via HTTP.
You can get a key by typing: `gpg --locate-key example_user@example.com`
- Support for a temporary mailbox for outside accounts. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
GnuPG users can get a key by typing: `gpg --locate-key example_user@example.com`
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Subaddressing](https://en.wikipedia.org/wiki/Email_address#Subaddressing) support.
- Catch-all or alias functionality for those who own their own domains.
@ -396,7 +357,6 @@ Email servers deal with a lot of very sensitive data. We expect that providers w
- A server suite preference of TLS 1.2 or later and a plan for [Deprecating TLSv1.0 and TLSv1.1](https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/).
- [SMTPS](https://en.wikipedia.org/wiki/SMTPS) submission, assuming SMTP is used.
- Website security standards such as:
- [HTTP Strict Transport Security](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security)
- [Subresource Integrity](https://en.wikipedia.org/wiki/Subresource_Integrity) if loading things from external domains.
@ -408,7 +368,6 @@ Email servers deal with a lot of very sensitive data. We expect that providers w
- Implementation of [Authenticated Received Chain (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain), this is useful for people who post to mailing lists [RFC8617](https://tools.ietf.org/html/rfc8617).
- Bug-bounty programs and/or a coordinated vulnerability-disclosure process.
- Website security standards such as:
- [Content Security Policy (CSP)](https://en.wikipedia.org/wiki/Content_Security_Policy)
- [Expect-CT](https://datatracker.ietf.org/doc/draft-ietf-httpbis-expect-ct)
@ -504,3 +463,4 @@ When emails travel between email providers an encrypted connection is negotiated
- [The Government Can (Still) Read Most Of Your Emails Without A Warrant (2013)](https://thinkprogress.org/the-government-can-still-read-most-of-your-emails-without-a-warrant-322fe6defc7b/)
--8<-- "includes/abbreviations.en.md"

View File

@ -130,7 +130,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- ![ProtonMail logo](assets/img/email/mini/protonmail.svg){ .twemoji } [ProtonMail](https://protonmail.com/)
- ![Mailbox.org logo](assets/img/email/mini/mailboxorg.svg){ .twemoji } [Mailbox.org](https://mailbox.org/)
- ![Disroot logo](assets/img/email/mini/disroot.svg#only-light){ .twemoji }![Disroot logo](assets/img/email/mini/disroot-dark.svg#only-dark){ .twemoji } [Disroot](https://disroot.org/)
- ![Tutanota logo](assets/img/email/mini/tutanota.svg){ .twemoji } [Tutanota](https://tutanota.com/)
- ![StartMail logo](assets/img/email/mini/startmail.svg#only-light){ .twemoji }![StartMail logo](assets/img/email/mini/startmail-dark.svg#only-dark){ .twemoji } [StartMail](https://startmail.com/)