Protonmail breaks user-applied PGP signatures

They only allow Proton PGP. And NOT you applying it on your own.
"you’ll upload your private key to our servers and you’ll like it!"

I'm reposting this from John Floren's Blog, I'm not the author.
(he's using Proton Bridge in a VM, with his own PGP via FairEmail and Claws)

"
When I sent a test message to myself, though, Claws and FairEmail didn’t have any clue that it was signed. If I switched to PGP inline, it worked. I sent an email to one of the Claws maintainers, who reported that my MIME structure was all messed up. He sent me a signed message back, and Claws was able to verify the signature just fine.

It turns out that Proton has been breaking outgoing PGP signatures from the beginning: https://github.com/ProtonMail/proton-bridge/issues/26, https://github.com/ProtonMail/proton-bridge/issues/320. It seems that their argument is this:

- When you send a regular email via Proton to another Proton client, they automatically PGP sign+encrypt the message. (I think this is great!)
- Their automatic signing+encryption cannot coexist with a user-applied signature.
- Therefore, all user-applied signatures will be broken. Tough luck, bucko, we’re the SECURE email company, you’ll upload your private key to our servers and you’ll like it!

It’s absurd that there’s no way to disable this, no option to tell Proton “if you see a multipart/signed or multipart/encrypted message, just leave it the hell alone.”

I’m looking at other potential email hosts. I know PGP isn’t widely used, but I have a hard time swallowing Proton’s silent mangling of my email, and I especially dislike their smarmy we-know-better attitude when people complain about it."

Original Source:
https://jfloren.net/b/2023/7/7/0

Alternative?
https://simplifiedprivacy.com/email-cloud-combo/ 
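
The diagnosis quoted above ("my MIME structure was all messed up") can be checked mechanically on a received copy of a test message. This is an added example, not code from the post or from John Floren's blog: `check_pgp_mime` is a hypothetical helper that tests the RFC 3156 PGP/MIME layout only, and both sample messages are constructed (the page does not show what Bridge actually emits).

```python
from email import message_from_string

def check_pgp_mime(raw):
    """Return RFC 3156 layout problems; an empty list means the structure is intact.
    Structure only: the signature itself is not cryptographically verified."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype != "multipart/signed":
        return [f"top-level type is {ctype}, not multipart/signed"]
    problems = []
    if (msg.get_param("protocol") or "").lower() != "application/pgp-signature":
        problems.append("protocol parameter is not application/pgp-signature")
    if not msg.get_param("micalg"):
        problems.append("micalg parameter is missing")
    parts = msg.get_payload()
    if not isinstance(parts, list) or len(parts) != 2:
        problems.append("expected exactly two body parts")
    elif parts[1].get_content_type() != "application/pgp-signature":
        problems.append("second part is not application/pgp-signature")
    return problems

# Constructed sample message; the signature body is a placeholder, not real data.
TEMPLATE = """\
From: alice@example.org
To: bob@example.org
Subject: test
MIME-Version: 1.0
Content-Type: {ctype}; boundary="b1"

--b1
Content-Type: text/plain; charset=utf-8

hello
--b1
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
constructed placeholder, not a real signature
-----END PGP SIGNATURE-----
--b1--
"""
INTACT = TEMPLATE.format(
    ctype='multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"')
# Constructed illustration of a rewrapped message (assumption, not Bridge output).
REWRAPPED = TEMPLATE.format(ctype="multipart/mixed")

if __name__ == "__main__":
    for name, raw in (("intact", INTACT), ("rewrapped", REWRAPPED)):
        print(name, check_pgp_mime(raw) or "ok")
```

Run it against the raw source of a message as it arrived at the recipient; a clean result means a PGP/MIME client can at least locate the signature, which still has to be verified with the sender's public key.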
 As far as I'm aware, there's a method one can use to make sure people can cryptographically verify emails that come from their Protonmail to another provider, which is I think what that was designed to do.

I use this method myself, in fact. It's public keys that are used, so that should be fine somewhat.

I won't use Tuta (the other popular choice), nor Disroot. I'd rather use something from Iceland, actually. Any recommendations? 
 well then… aol/yahoo ✉️ is still the best, it's free, unlimited storage and you can use PGP and S/MIME without anyone fucking w/ it lol 
 skiff closes and this 😮 
any alternatives in their level of caliber?