Delta chat to protonmail user

no: https://www.reddit.com/r/ProtonMail/comments/c1p5am/update_on_autocrypt_support/

I’ll check their blog when I have the time and then maybe ask them directly.

Not entirely related, but Delta Chat has been tested with the ProtonMail IMAP/SMTP bridge. The result is unfortunate: the ProtonMail bridge corrupts the MIME structure of outgoing OpenPGP messages and strips the Autocrypt header away:

So even with the ProtonMail bridge and the Delta Chat client running on your desktop, it is currently impossible to have an encrypted chat with a ProtonMail address. The MIME structure corruption is recoverable, but we need to either fix the bridge to keep the Autocrypt header, if that is possible with the ProtonMail API, or find a way to exchange keys via attachments.
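A way to check a message on the far side of such a bridge yourself, as an added example that is not from this post, from Delta Chat or from Proton: the script below inspects a raw message and reports whether it still has the RFC 3156 PGP/MIME shape (a `multipart/encrypted` top level with `protocol=application/pgp-encrypted`, a `Version: 1` control part and an `application/octet-stream` ciphertext part) and whether its `Autocrypt` header survived. Both sample messages are constructed for the demo; the mangled one only shows what the checker flags and is not a claim about what the bridge actually emits.

```python
"""Check that an outgoing OpenPGP message still has its RFC 3156 PGP/MIME structure
and its Autocrypt header after passing through a relay (for example a local bridge).
Added example; both sample messages below are constructed for the demo."""
import email
import email.policy
from typing import List


def check_pgp_mime(raw_message: bytes) -> List[str]:
    """Return the list of problems found; an empty list means the message looks intact."""
    problems: List[str] = []
    msg = email.message_from_bytes(raw_message, policy=email.policy.default)

    # Autocrypt key transport lives in a header, so a relay that rewrites headers can drop it.
    if msg["Autocrypt"] is None:
        problems.append("Autocrypt header missing")

    # RFC 3156: the top level must be multipart/encrypted with the pgp-encrypted protocol.
    ctype = msg.get_content_type()
    if ctype != "multipart/encrypted":
        problems.append(f"top-level type is {ctype}, expected multipart/encrypted")
        return problems
    if msg.get_param("protocol") != "application/pgp-encrypted":
        problems.append("multipart/encrypted lacks protocol=application/pgp-encrypted")

    parts = msg.get_payload()
    if len(parts) != 2:
        problems.append(f"expected exactly 2 body parts, found {len(parts)}")
        return problems
    control, ciphertext = parts

    # First part: control information whose body is exactly "Version: 1".
    if control.get_content_type() != "application/pgp-encrypted":
        problems.append("first part is not application/pgp-encrypted")
    elif b"Version: 1" not in control.get_payload(decode=True):
        problems.append("control part does not declare 'Version: 1'")

    # Second part: the armored OpenPGP message carried as application/octet-stream.
    if ciphertext.get_content_type() != "application/octet-stream":
        problems.append("second part is not application/octet-stream")
    elif b"-----BEGIN PGP MESSAGE-----" not in ciphertext.get_payload(decode=True):
        problems.append("second part does not carry an armored PGP MESSAGE")
    return problems


# Constructed sample of a well-formed PGP/MIME message. The Autocrypt keydata and the
# PGP MESSAGE body are placeholders, not real key material or ciphertext.
INTACT = (
    b"From: alice@example.org\r\n"
    b"To: bob@example.net\r\n"
    b"Autocrypt: addr=alice@example.org; keydata=AAAA\r\n"
    b"Content-Type: multipart/encrypted; protocol=\"application/pgp-encrypted\"; boundary=\"b1\"\r\n"
    b"\r\n"
    b"--b1\r\n"
    b"Content-Type: application/pgp-encrypted\r\n"
    b"\r\n"
    b"Version: 1\r\n"
    b"--b1\r\n"
    b"Content-Type: application/octet-stream\r\n"
    b"\r\n"
    b"-----BEGIN PGP MESSAGE-----\r\n"
    b"\r\n"
    b"bm90IGEgcmVhbCBjaXBoZXJ0ZXh0\r\n"
    b"-----END PGP MESSAGE-----\r\n"
    b"--b1--\r\n"
)

# Constructed sample of a damaged message: header gone, multipart flattened to text/plain.
# This is only an illustration for the checker, not a description of any real bridge output.
MANGLED = (
    b"From: alice@example.org\r\n"
    b"To: bob@example.net\r\n"
    b"Content-Type: text/plain; charset=utf-8\r\n"
    b"\r\n"
    b"-----BEGIN PGP MESSAGE-----\r\n"
    b"\r\n"
    b"bm90IGEgcmVhbCBjaXBoZXJ0ZXh0\r\n"
    b"-----END PGP MESSAGE-----\r\n"
)

if __name__ == "__main__":
    for label, sample in (("intact", INTACT), ("mangled", MANGLED)):
        print(label, check_pgp_mime(sample) or "ok")
```

Feed it the message as stored by the receiving side (for example saved from the IMAP folder) rather than the copy the sending client keeps, since the point is to see what the relay changed.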


Hey, any updates on this?

I do get encrypted messages to my DC from PM that I can only read in DC. But I can't find any documentation.

Hello there :wave:,

For your information, some of us could perhaps keep voting for a feature request available from

It was published about two years before those concerns were voiced around.

Some folks at Proton might be willing to help us prevent the Autocrypt headers from being stripped away, if that is one of the underlying issues: Delta chat to protonmail user - #11 by link2xt


Delta Chat could let us import Proton’s keys. They use WKD.
There’s another thread for that already and a more specific WKD thread. This would solve interop with Proton users.


What is the goal of using PM with Delta Chat?
PM owns private keys.

Proton stores an AES-256 encrypted version of the user’s private key, so they can’t apply it server side to decrypt or encrypt.

Delta Chat has more opportunities to snarf private keys than the web version of Proton does, if they were to add “phoning home” to the App Store or Google Play releases (although that would hopefully be detected by us users if we LAN-snooped ourselves).

One opportunity Proton has to steal the key would be through a backdoored version of their bridge. Not everyone uses their bridge, but for those who do, it’s important to use a version of it (either the original or the Hydroxide clone) with a verified compilation process and not trust rando binaries. They would be able to hide home-phoning much more easily than Delta Chat could.

There is also another reason.

My own email is in a Dovecot repo hosted in a Linode VPS (now owned by Akamai), I don’t use Proton.

If I send a PGP encrypted message to a Proton user, and you’re right in saying that Proton have managed to sneak in a back door through several audits and world-readable client side code (not impossible—code obfuscation is a hell of a drug. Never forget Heartbleed), they can read it. But Akamai/Linode can not.

If I send a plaintext message to a Proton user, both Proton and Akamai/Linode can read it. That’s worse.

(Thanks to TLS, eavesdroppers cannot read it.)

You just need some failure in SSL pinning or DNS; then an ISP or organisation network admin could middle the connection and give out a modified web client that exfiltrates the key. This could be done targeted, so it would be harder to find; mind that app stores could also do targeted replacement of the DC app build in theory.

I wouldn’t say one or the other is more secure, maybe besides that deltachat does not store the key encrypted and on some systems (desktop) other apps could access and steal it, but so could a compromised browser or malicious browser plugin with proton mail.

But always depends on how badly the bad actors want your data and who your bad actors are that you are scared of.

Security does not exist. It’s always about the context: secure against what?

Proton could also start to support autocrypt :wink:

But I’m not really against WKD; it sounds like a better solution than key servers, provided that you trust your provider.

Though as Holger already said in the WKD topic we need a real concept to integrate it seamlessly into deltachat, which is not trivial:

You’d need to fail in both SSL and DNS at the same time, wouldn’t you? And even then the web client’s source is readable (albeit very obfuscated / long). Again, I don’t use Proton myself.

As I’ve asked them many times.

But I’ve come to this philosophy:

  1. Autocrypt is great. DKIM solved the biggest problems.
  2. But Autocrypt is best deployed as an additional bonus feature to make PGP easier where it’s supported. (And that goes for WKD too; ideally an app supports both WKD and Autocrypt and maybe also HKP.) As an extra on top of an app that already supports normal vanilla manual key imports. Not as the only way to do PGP, the way it is with Delta Chat today.

Why? Because there are always gonna be projects that are complete jerks like Thunderbird (who “does not support the Autocrypt philosophy that encryption should be fully automatic” :woman_facepalming:t2::woman_facepalming:t2::woman_facepalming:t2::woman_facepalming:t2::face_with_head_bandage:🪿) or Tuta (who wants to leverage the vendor lock-in of their proprietary network) or projects hesitant to adopt Autocrypt because of the mitm issue* or because they’re invested in the WKD solution.

*: Which DKIM mitigates.

There is such obstinacy around the Autocrypt vs WKD vs all-manual-all-the-time camps. Which I understand: there’s NIH and there’s pride and there’s simply the fact that WKD and Autocrypt both have their cons (WKD requires server-side support which not all providers will implement, Autocrypt requires at least one message sent before encryption can start). The only way out of the impasse is to be the bigger person and break the stalemate by implementing the competing thing too.

We have a chance to significantly up the amount of PGP & e2ee sent in the world but we’re leaving it on the table because of pride.


Even Proton for all their love for WKD can work with manual key imports and exports too, with vanilla PGP. The WKD automatic thing is just a bonus.

Whenever Delta Chat shows me a PGP email from someone who doesn’t have Autocrypt headers, I can’t reply to them. I have to open my other MUA which can handle it. And this is happening several times per day. Delta Chat gets relegated to being a mere xbiff to remind me to SSH into the other MUA.

If the person does have Autocrypt headers, I can respond, and if they don’t encrypt at all, I can respond—in other words, it’s easier to handle someone who doesn’t use encryption! That if nothing else should be a sign that something is wrong here.

And what’s worse, and this happens often, too often, is that I won’t even realize that they’re an encryption user because they don’t have Autocrypt headers. Because if I reply accidentally from Delta Chat, it sends non-encryptedly! And that has happened many times. :woman_facepalming:t2: For each and every sender I need to remember whether this is someone I can safely reply to from Delta Chat or not. That’s not a good feeling. That’s a ball of stress.

But I replied there!

Autocrypt is a good complement for users who are stuck on non-WKD hosts as long as those hosts support IMAP.
Iā€™m not against Autocrypt. Iā€™ve advocated for it and worked to implement it.

But it’s not a replacement for the real thing. This gets a li’l “let them eat cake”; cake is a nice upgrade on normal bread but if you don’t have normal bread, the icing is gonna be pretty useless.

“How can we make this door open a li’l easier and less creakily? We’ll grease it, that’ll work better.” Autocrypt is like grease (and WKD is a competing-but-not-really-incompatible brand of grease) whereas normal PGP is like the actual door! Greasing the wall won’t let me out!

I’ve never used the QR code thing that you guys have and I never ever will! If I’m seeing someone in real life the last thing I wanna do is schlep out our computers (I probably didn’t even bring mine, I leave it at home).

WKD is way better than Autocrypt (because of mitm + first message problem*) but Autocrypt works in more places (since it’s all client side)—but more places doesn’t mean a superset of places since there are places that have WKD but not IMAP. But what’s really a superset of places is vanilla PGP! Users of vanilla PGP can import the WKD keys through wgetting them from .well-known or the Autocrypt keys through viewing the raw email, pasting the headers into an asc file and importing it. Users of vanilla PGP can encrypt to everyone! They have the bread. If they add WKD and Autocrypt, they’ll make their lives even easier and more automatic, and I recommend that and advocate for that, but that’s gravy compared to the actual bread which is PGP.

*: The plain text first message is not a good experience. Thankfully, Delta Chat users can additionally export their key manually (from scraping their own headers in the mail spool if nothing else) and then post it on WKD! Which I did! So I do get the first message encrypted most of the time (from non–Autocrypt users). But then I can’t reply back :sob: and I can’t even see in Delta Chat that they encrypted their message.

The more defensive and grouchy I get around this, I realize that I sound entitled and/or rude and/or toxic. I’m gonna take a li’l break. I know working on Delta Chat is difficult. I respect that. But I did reply to Holger’s post. Not to the weird QR thing because my jam is non–vendor-specific, interoperable email!

:slight_smile:
“(…)but unencrypted messages sent from external providers to your Account, or from Proton Mail to external unencrypted email services, are scanned(…)”

Proton’s support doesn’t even use GPG/PGP. :wink: ‘support@protonmail.zendesk.com’

For them PGP is only used for marketing purposes.

Yes, that’s exactly what I said, they can scan it and so can Akamai.

Whereas if I do use PGP, Akamai can’t. (And Proton only can if they’ve managed to steal the privkeys.)

I don’t give two tugs what their “zendesk” #ChangeTheName uses! I don’t use Proton!

Stop your trolling. Hating on Proton, even outright FUD:ing, is :100: fine. This is an encryption forum, tinfoil is great. But using ad-Proton-hominem attacks as a distraction from the real issue, which is PGP key import, that’s what I have no patience for. Solving that issue would incidentally fix interoperability with Proton.


:open_mouth:
Don’t worry, I won’t bother you anymore.

The “weird qr thing” is actually really close to a standard openpgp fingerprint with some extra metadata. interface/uri-schemes.md at master · deltachat/interface · GitHub
Yeah, it is a custom handshake protocol, sure, but we specified it in 2. Securing communications against network adversaries — SecureJoin 0.20.0 documentation and before that in Detecting and preventing active attacks against Autocrypt — Counter Mitm 0.10.0 documentation.
We could also go through the effort of official standardisation, but we are not very fond of bureaucracy, so that’s one of the reasons that we did not do it, yet.

Yeah, for the first message problem WKD would be nice, but I don’t see how it would protect against MITM (in my understanding one of the providers needs to do the MITM attack, or do you have a scenario where there is MITM between providers?).

That sounds bad; where is the point where it is failing? Do they send their own key with their email/reply and DC does not detect it?

Hi Simon. Sorry for me being such a grouch yesterday, I shoulda just logged off.

If people have my key (either from me giving it to them outside of Autocrypt, or from them fishing it out of the Autocrypt headers), they can encrypt to me and Delta Chat will decrypt it for me and display it as if it were plaintext even when it’s actually decrypted. If I then reply to them from Delta Chat, without Delta Chat having imported their key, I’ll send unencrypted plaintext. This unfortunately has happened many times. I need to personally remember and keep track of (in my head) who are sending encryptedly but not Autocrypt, so that I don’t reply to them from Delta Chat. I can reply to people who don’t encrypt at all, or who use Autocrypt, from Delta Chat, but since most people are not on Autocrypt but just send normal PGP mail, I need to reply to them from outside of Delta Chat.

Ok but what could or should DC do in these cases?
AFAIK the lock icon is only shown if the message is encrypted AND signed.
Do they attach their own key in their PGP email?

It used to be the case that Delta Chat showed a lock but that was even worse since that misleadingly implied that my replies to them would be encrypted.

What Delta Chat should do of course is to let me import PGP keys manually outside of Autocrypt! (Then in a later version, maybe even automatically import keys from WKD. The problem is that we can’t send WKD back since we’re a client not a server. I mean I do have a server also and on that I do have WKD.)

(Their messages are signed.)