The very big disadvantage: users will have to install another app (if they didn't already) which also is the reason why DC isn't already doing this iirc.
Also OpenKeychain isn't available on iOS and Desktop platforms, so it's very unlikely we can even optionally use OpenKeychain, I am afraid. Therefore closing this issue.
As to key management being intransparent: that's mostly on purpose. We are following the Autocrypt UX guidance in "don't talk with users about keys" -- at least that's true for the non-advanced options. Despite this, there have been improvements in dealing with keys and I can imagine small improvements to key handling could be made, for example dealing with keys that come with a passphrase (currently it simply doesn't work). Please open a discussion on the https://support.delta.chat forum if you have particular feature suggestions. Thanks!
Well ok, I think the idea should not be to use OpenKeychain specifically, but rather "a third-party app" for key management. So I don't really see it as a good argument against this feature that OpenKeychain isn't on iOS/Desktop. I'm sure there's a browser extension for that.
Also, telling me that there's no valid private key in an Autocrypt setup message because said key is protected by a passphrase is undoubtedly terrible UX. I spent hours trying to get my key to work until I found out about that.
Speaking of UX, not only does the app not tell me which file formats it would want for importing keys (tried leaving .asc, .gpg and the Autocrypt setup attachment in Download folder), it doesn't even let me choose which file the key is contained in! (!!)
I believe using a third-party app would improve flexibility, UX and, in most cases, robustness/security of key management (as for example OpenKeychain can give temporary access to PGP keys).
I'll definitely advocate for this feature on support.delta.chat!
Btw, re "don't talk to users about keys": Enigmail is arguably the most popular Autocrypt-implementing piece of software and key management is fairly transparent there.
@hpk42 your argument about OpenKeychain not being available on other environments does not make much sense in a repo that's only about the Android port.
Key management happens completely inside the Delta Chat core library
which is used across all platforms. Except for export/import key
the UIs (including Android) have no access to crypto. Trying to
integrate with OpenKeychain is a lot more effort than it might
appear plus it only benefits Android. The folks over at OpenKeychain
are, btw, rather going the reverse direction -- aiming for rather integrating
OpenKeychain (with hardware security tokens) as a library into other programs.
So there is potential confluence but it's not around the corner and
not a current DC priority.
On Wed, Jul 29, 2020 at 17:14 -0700, Eloy Espinaco wrote:
@hpk42 your argument about OpenKeychain not being available on other environments does not make much sense in a repo that's only about the Android port.
I absolutely agree.
To keep Delta Chat as simple as possible for "non tech users" you should use as few third-party apps as possible.