Feature request: I suggest that you support PGP passphrases

I would like to suggest a feature, which would be supporting PGP keys with a passphrase. It should probably both be possible to use the passphrase for storing the internal key it already generated at rest, and to process passphrases set on key imports for better compatibility. If used for the internal key I suggest the passphrase should be asked whenever I open delta chat for the first time and then kept in memory until it quits, which could still be a useful security improvement over no passphrase. Sorry if that’s for some reason a bad idea, I’m by no means a GPG expert.

Why is this feature important: I tried to export my Thunderbird key for use in DeltaChat but there isn’t even an option to export without passphrase, meaning for the average user it’ll likely get really complicated to try to figure out how to get that key into delta chat. But if they don’t and they’re otherwise a PGP user, all e-mails will show up as forged in regular e-mail clients which seems bad.

Alternative ideas: I saw there were ideas to encrypt the database ("A usable idea for PGP keys with a passphrase"), which would be an alternate idea to storing the imported key with a regular PGP passphrase on disk. Maybe I’m missing something, but I think this would probably need to be implemented first if PGP keys aren’t going to be stored with the passphrase retained in DeltaChat, since I’m guessing most regular PGP users don’t want their keys to be stored without a passphrase if they’re serious about using it. So just stripping an imported key of the passphrase and then storing it unencrypted seems like it shouldn’t ever happen without a big warning of some sort. However, since PGP already supports passphrases, I think most users would expect that DeltaChat just uses those to encrypt the keys at rest, since that’s the established format to keep a PGP key safe.