Differences between revisions 5 and 12 (spanning 7 versions)

Contract 'EasyGpg' 2016

Scheduled contract time line: Januar 2016 - June 2017 (extended to Sept 2017).

Results (preliminary)

An RFC-draft and rationale how to initiate an encrypted communication via the email-address. See WKD/WKS overview page. Initially published mid 2016 and refined with stakeholders.

Improvements to the crypto engine GnuPG to support more trust-levels and the new pubkey discovery methods for clients and email providers have been implemented ('in upstream') and published with GnuPG 2.2 (August 2017) and Gpg4win 3.0.0(rc).

Implementations of an easier embarking process to be ready for end-to-end crypto and other crypto improvements for Thunderbird/Enigmail (GNU/Linux, Windows) and KMail (GNU/Linux) have been given upstream so they are scheduled to be released with the next stable release (e.g. KDEPIM 17.10).

Stakeholders like email providers and mail user agent developers were approached to gather feedback and gain support. Of the two privacy leading email providers in Germany, one added early web key directory support in Dez 2016.

Resulting software improvements and designs have been developed within the upstream Free Software initiatives as far as possible, in the open and under a compatible Free Software license.

Goals

Improve the user experience of end-to-end cryptography based on OpenPGP for email.
Design a new trust model that allows to automate key creation and cert exchange inspired by TOFU or TUFC concepts. Use the existing relationship between user and email service provider (ESP).
Convince email service providers to offer a certificate discovery service for their users. Offer a fallback solution for testing the resulting implementations.
Implement the email client side for Thunderbird and Kontact Mail.
Improve the usability for Thunderbird and Kontact Mail by adding comfort options for storing encrypted emails.

Principal BSI

The German Federal Office for Information Security (BSI) contracted Intevation and g10 Code.

The public tender was published in September 2015. The bid was accepted in the last days of December 2015.

Team

The team consist of the German companies Intevation GmbH and g10 code GmbH. As a subcontractor KDAB (Deutschland) GmbH & Co. KG will help with the Kontact Mail and Kleopatra implementation parts.

Contact

Prefered: via the public channels of Gpg4win or GnuPG.

Alternatively send email to Emanuel (69A911FC) or Bernhard (EFF5D42A) from Intevation. Encryption appreciated. ;-)

Development Lab

Documenting work and design processes

Vision and some user stories (Meeting April 2016)
Pubkey Distribution Concept (in discussion)
Components (work in progress)
User Interface Interaction with GnuPG (work in progress)
AutomatedEncryption
Outlook Ui for Automated / Easy Encryption

-  ⇤ ← Revision 5 as of 2016-05-09 10:21:10 → 
  Size: 2481
  Editor: EmanuelSchuetze
  Comment: Links
+   ← Revision 12 as of 2017-09-15 08:51:35 → ⇥
  Size: 3562
  Editor: bernhard
  Comment: Update to sort  preliminary results to the top
-Deletions are marked like this.
+Additions are marked like this.
 Line 3:
-== Work in progress
//Linking to ongoing work related to the contract//
+Scheduled contract time line: Januar 2016 - June 2017 (extended to Sept 2017).
-Line 6:
+Line 5:
-* [[/VisionAndStories|Vision and some user stories]] (Meeting April 2016)
* [[/CertDistributionConcept|Certificate Distribution Concept]] (work in progress)
* [[/Components|Components]] (work in progress)
+== Results (preliminary)

* An RFC-draft and rationale how to initiate an encrypted communication via the email-address.
  See [[https://wiki.gnupg.org/WKD|WKD/WKS overview page]]. Initially published mid 2016
  and refined with stakeholders.

* Improvements to the crypto engine GnuPG to support more trust-levels and the new 
  pubkey discovery methods for clients and email providers
  have been implemented ('in upstream') and published with GnuPG 2.2 (August 2017)
  and Gpg4win 3.0.0(rc).

* Implementations of an easier embarking process to be ready for end-to-end crypto
  and other crypto improvements for Thunderbird/Enigmail (GNU/Linux, Windows) and KMail (GNU/Linux) have been 
  given upstream so they are scheduled to be released with the next stable release  
  (e.g. ~KD~EPIM 17.10).

* Stakeholders like email providers and mail user agent developers were approached
  to gather feedback and gain support. Of the two privacy leading email providers
  in Germany, one added early web key directory support in Dez 2016. 

Resulting software improvements and designs have been 
developed within the upstream Free Software initiatives
as far as possible, in the open and under a compatible Free Software license.
-Line 12:
+Line 31:
-* Improve the user experience of end-to-end cryptography based on OpenPGP
+* Improve the user experience of end-to-end cryptography based on ~OpenPGP
-Line 18:
+Line 37:
-  for their users. Use a central server as fallback.
+  for their users. Offer a fallback solution for testing the resulting implementations.
-Line 23:
+Line 42:
-== Timeline and Results

Scheduled contract time line: Januar 2016 - June 2017

Resulting software improvements or software designs 
will be developed within the upstream Free Software initiatives
as far as possible, in the open and under a compatible Free Software license. 
GNU GPL v>=2 is the prefered license.

Some contract reports or concepts will be in German.
They may be published under a CC-BY-SA license at discretion 
of the principal.
-Line 66:
+Line 73:
+== Development Lab
//Documenting work and design processes//

* [[/VisionAndStories|Vision and some user stories]] (Meeting April 2016)
* [[/PubkeyDistributionConcept|Pubkey Distribution Concept]] (in discussion)
* [[/Components|Components]] (work in progress)
* [[/UIIntegration|User Interface Interaction with GnuPG]] (work in progress)
* [[/AutomatedEncryption|AutomatedEncryption]]
* [[/OutlookUi|Outlook Ui for Automated / Easy Encryption]]