this post was submitted on 15 Sep 2024
78 points (98.8% liked)
Privacy
31609 readers
93 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
While technically true, bridge is ultimately an IMAP server you run yourself ... and they do have good reasons for this design.
do you know theit reason?
Imap and end to end encryption are not possible at the same time.
Bridge exposes an IMAP interface but encrypts everything as Proton would, had you used the web client.
It solves a technical limitation.
oh so only when using their client I have the e2ee for the emails on their server? kind of makes sence but def. a point to take into consideration.
No, I think you are misunderstanding my poor explanation.
Your emails are encrypted at rest on their server regardless if you use the web client or IMAP through the bridge.
The thing is that the encryption layer must happen at some point in time when you communicate with their API:s. In the web client this encryption is built-in. IMAP on the other hand does not support this type of end to end encryption, so the bridge adds this layer for you.
So you communicate unencrypted locally between your email client (Thunderbird for example) and the Protonmail bridge that you have installed locally on your computer. Then Protonmail bridge encrypts and decrypts all emails for you. So to your email client, it seems like a normal email server, but in reality everything is encrypted.
(Standard "encrypted email" disclaimer: Your emails are not encrypted in transit unless both parties, sending and receiving, are set up for encryption. Email is otherwise not end to end encrypted in transit)