Author Topic: PGP encryption should be moved to the top of the feature list  (Read 44643 times)

mikeone

  • Hero Member
  • *****
  • Posts: 2762
Re: PGP encryption should be moved to the top of the feature list
« Reply #30 on: December 23, 2015, 03:51:14 pm »
@rob
I know that you are new member here in the forum and therefore you can't be aware of the responsiveness from Kostya. And that Kostya really takes care for the users issues, needs and suggestions. However, as part of its modest possibilities as a sole developer.

And I guess you are fully right with your assumption "... maybe Kostya is getting tired in repeating his phrases of older threads? It looks like it."

I would fully understand Kostya to get tired of replying to the same recurrent requirements again and again...

@chrashdamage
I have gathered some interesting statements from Kostya concerning "not to support ActiveSync, but EWS" which I've found through the search function here in the forum:

26. November 2012
http://www.aqua-mail.com/forum/index.php?topic=37.msg129#msg129
Quote
Yes it would be, and yes, it's not simple.

Using ActiveSync requires a license, and EWS is less appealing to most users who want Exchange.

I'm about to contact MS about a license after the current version goes out (1.1.0.5), if they say "no", it'll have to be EWS.


7. June 2013
http://www.aqua-mail.com/forum/index.php?topic=1289.msg3738#msg3738
Quote
Hello all,

It may seem that I've stopped developing the app and do not care about improving it further.

Not quite true.

For the last few months, I've had to deal with serious health issues.

It seems the worst is over now, and even though I'm not fully recovered yet, I'm starting to be able to work again.

My plans are:

- Native support for .ics calendar invites, being able to accept / decline right from Aqua Mail, and to send them (I hope this second part works out).

- Support for those horrible winmail.dat "attachments" that Outlook likes to send instead of nice standard Internet MIME messages.

- Built-in contact picker, which will include recent emails from actual messages, and not just what's in the device's Contacts... A better way to select groups, too.

--- this will be released to Play ---

- Better support for Exchange, using EWS (Exchange Web Services). There will not be support for ActiveSync.

--- release ---

Other "must have / nice to have" things, timing not cetain:

- Rich message formatting for new messages

- Threaded / conversation view

- The incredibly fashionable "swipe" actions here and there.

Smaller things will be added and fixed along the way, as usual.


10. September 2013
http://www.aqua-mail.com/forum/index.php?topic=1555.msg5061#msg5061
Quote

MS does not support IMAP for outlook.com accounts, even though they promised it over a year ago (hey, and I thought I was too slow).

http://www.aqua-mail.com/forum/index.php?topic=1273.msg4749#msg4749

Some mail apps (that have the necessary licenses from MS) can use ActiveSync with outlook.com, mine is not one of them.

I'll be adding support for MS's other, license-free mail protocol, EWS, and hope it works with outlook.com and office 365... But I haven't started on that yet, so it won't be ready for a while.


14. November 2013
http://www.aqua-mail.com/forum/index.php?topic=1773.msg6134#msg6134
Quote
ActiveSync - no, never, because of MS's complicated licensing requirements.

I chose EWS because it's license free and also much more commonly enabled than IMAP/SMTP (when those are off).

Sorry to hear EWS not enabled on your particular server.


14. March 2014
http://www.aqua-mail.com/forum/index.php?topic=2179.msg8132#msg8132
Quote
There is not, and will not be, support for ActiveSync because of its complicated licensing logistics.

Device manufacturers typically have the necessary licenses from MS (it's much easier for Samsung or Sony, compared to one guy in a suburb of Moscow).

I've chosen EWS, which is pretty much equivalent in terms of access to Exchange features.

Have not done push for Exchange yet, but do plan to do more work on it (including investigating push).

17. April 2014
http://www.aqua-mail.com/forum/index.php?topic=2291.msg8873#msg8873
Quote

I believe we were in touch today over mail, but I'm going to repost for others:

- ActiveSync requires licensing from MS; complying with its complicated logistics would just about kill me and my app. Other developers / companies may feel / do differently.

- It's easy to assume that an app developed for Microsoft (the Outlook.com app) does not need to have a license from Microsoft to use ActiveSync.

- I chose EWS over ActiveSync for access to corporate servers. The two protocols are (from my experience) are basically equivalent in terms of access to Exchange specific features.

- The IMAP server behind Hotmail / Outlook.com indeed does not support IMAP IDLE, the industry standard for push mail. It doesn't support even more basic IMAP extensions (e.g. UIDPLUS) that other IMAP services have. It's also fairly buggy. Looks like MS just doesn't take it seriously (could be intentional). Overall, it's been a disappointment.


19. May 2014
http://www.aqua-mail.com/forum/index.php?topic=2417.msg9549#msg9549
Quote

As I'd mentioned before, Aqua uses the EWS network protocol to connect to Exchange servers.

It does not support ActiveSync, the other Exchange network protocol, because of licensing complications.

Most corporate servers support both EWS and ActiveSync. Mail Droid (which is pretty popular) uses EWS.

However... Hotmail does not. It only supports ActiveSync.

"Standard" mail apps that come preinstalled, and some third party ones, are from companies that have ActiveSync licenses.

It's much easier when you're a company like Sony / Samsung / HTC / LG / ASUS than it is for me.


23. June 2014
http://www.aqua-mail.com/forum/index.php?topic=2499.msg10186#msg10186
Incidentally also quite interesting:
Quote
Well, the "403 forbidden" really speaks for itself -- this is the response from the server.

Aqua does not make up random URLs and server names because it wants to :) so it had to have been a server side change.

The standard URL for EWS is https://<server>/EWS/Exchange.asmx

This one doesn't even open in my desktop browser:

https://ipmm.next.co.uk/EWS/Exchange.asmx

In Chrome, I get a "This webpage is not available".

It's so nice for your IT guys to say they "don't support Android phones".


29. June 2014
http://www.aqua-mail.com/forum/index.php?topic=2179.msg10320#msg10320
Quote

There is not, and will not be, support for ActiveSync because of its complicated licensing logistics. Sorry (if I need to be).


17. August 2014
http://www.aqua-mail.com/forum/index.php?topic=2668.msg11630#msg11630
Quote

It's ActiveSync vs. Exchange Web Services (EWS) again.

ActiveSync comes with complicated licensing requirements (from Microsoft), so I chose to use EWS instead. Dealing with ActiveSync licensing is just too difficult for a guy in his bedroom.

Some companies and people who develop email apps have ActiveSync licenses (Samsung, HTC, Sony, LG... Enhanced Email, Moxier Mail, TouchDown)...

Some don't, and choose EWS instead (yours truly, MailDroid...)

Standards are great. Everyone should have his own.

14. November 2014
http://www.aqua-mail.com/forum/index.php?topic=45.msg13820#msg13820
Quote

It has nothing to do with ActiveSync vs. EWS.

It has everything to do with my not having implemented push for Exchange, back when I was adding Exchange support (about a year ago).

Something I'm going to look into, as well as two-way calendar sync, for version 1.6.


25. November 2014
http://www.aqua-mail.com/forum/index.php?topic=45.msg14154#msg14154
Quote

>> implementing ActiveSync wouldn't be that difficult to achieve

The issue, as I already explained numerous times, is having to get a license to use ActiveSync from MS:

1 - the complicated logistics
2 - costs

Look at Boxer. Got a great start, marketing, promotion, and now seems to be going nowhere. Lots of complaints in Google Play about its price -- and a then separate purchase to use Exchange.

They went with ActiveSync, and have to cover their licensing costs. But it does't do anything to change how users see it ("I have to pay *twice*?").

>> doesn't support Active Sync

ActiveSync is just a network protocol.

Can you explain why the network protocol is so important to you?

Maybe rather than a network protocol, you have specific Exchange oriented features in mind?


15. January 2015
http://www.aqua-mail.com/forum/index.php?topic=3213.msg15584#msg15584
Quote

There is not and will not be ActiveSync in AquaMail.

For Exchange, I chose EWS (Exchange Mail Services) instead.

Perfectly valid choice, also used by Mail Droid and EmClient (desktop) -- but your server settings may be different.

Please ask Zoho about EWS and what server name you should be using -- assuming it's supported.
**************
ZoHo use some voodoo black magic for their Active Sync connectivity. So much so that you can't even use Outlook worth ZoHo via AS and instead have to resort to IMAP.

The only 3rd party app I had any success with ZoHo and ActiveSync was Touchdown.


« Last Edit: December 24, 2015, 01:06:24 am by mikeone »

mikeone

  • Hero Member
  • *****
  • Posts: 2762
Re: PGP encryption should be moved to the top of the feature list
« Reply #31 on: December 23, 2015, 04:17:36 pm »
... and just two more "general" discussion threads explicitly concerning ActiveSync <> EWS started by Kostya himself:

08. September 2014
ActiveSync vs.  EWS - not so clear cut
http://www.aqua-mail.com/forum/index.php?topic=2746.msg12162#msg12162

09.01.2015
Let's discuss: push mail for Exchange
http://www.aqua-mail.com/forum/index.php?topic=3195.msg15438#msg15438

Use forum search with keywords "ActiveSync EWS " to find more...
« Last Edit: December 23, 2015, 04:40:48 pm by mikeone »

nadir husain

  • Full Member
  • ***
  • Posts: 107
Re: PGP encryption should be moved to the top of the feature list
« Reply #32 on: December 23, 2015, 04:27:15 pm »
@mikeone thats great work by you. making the effort to provide us newer members with some historical perspective on activesync.   we love what kostya has given us...  remember one man in a room with computer equipment has developed a best in class app that  multi billion dollar companies,  heavily funded startups and the like cannot match.   so let kostya decide what he wants to do with his baby.  he is the best judge.  he has brought it this far and he will make reasoned,  well thought out decisions on what is best for this app and how best to take it forward.  if he wants suggestions and feedback,  we,  lovers of aquamail are here.  best always @kostya

mikeone

  • Hero Member
  • *****
  • Posts: 2762
Re: PGP encryption should be moved to the top of the feature list
« Reply #33 on: December 23, 2015, 04:46:07 pm »
@mikeone thats great work by you. making the effort to provide us newer members with some historical perspective on activesync.   we love what kostya has given us...  remember one man in a room with computer equipment has developed a best in class app that  multi billion dollar companies,  heavily funded startups and the like cannot match.   so let kostya decide what he wants to do with his baby.  he is the best judge.  he has brought it this far and he will make reasoned,  well thought out decisions on what is best for this app and how best to take it forward.  if he wants suggestions and feedback,  we,  lovers of aquamail are here.  best always @kostya
+100.000  8)

@nadir
Many many thanks for your great statement(s) here in the forum and of course also in the community "AquaMail Beta" at Google+
https://plus.google.com/communities/112921486711044378404

crashdamage

  • Newbie
  • *
  • Posts: 43
Re: PGP encryption should be moved to the top of the feature list
« Reply #34 on: December 23, 2015, 04:55:39 pm »
Absolutely agree with Nadir Husain.  Many thanks to Mikeone for putting together all that information. 

Most definitely AquaMail is Kostya's baby and he's done an extraordinary job as a single parent so far.  I'm amazed what one guy and a keyboard has accomplished.  I've sincerely tried to support AquaMail in my own way because I truly believe in it.  Whatever he decides to do I respect and support his decision.  And I sincerely wish Kostya nothing but the best personally and professionally.

Just one last word of caution: No matter how innovative or superior a workaround using ews or whatever he may come up with, if it's not 'real' ActiveSync it won't be fully accepted by companies using Exchange.  They're just that bull-headed.

Android since v1.0. Linux since 2001
« Last Edit: December 23, 2015, 04:59:23 pm by crashdamage »
Android since v1.0.  Linux since 2001.

mikeone

  • Hero Member
  • *****
  • Posts: 2762
Re: PGP encryption should be moved to the top of the feature list
« Reply #35 on: December 23, 2015, 05:10:26 pm »
@chrashdamage
Also many thanks for your reply/replies  :)

@all
This post is one of my favorites from Kostya:

http://www.aqua-mail.com/forum/index.php?topic=2606.msg11122#msg11122
Quote
No matter what I do, even when not trying to be "inventive" or "original" (lalalala, think outside the box, yeah... blah blah blah...)

.... it's still all wrong, poor, crappy, inconvenient, ugly, shitty, uses too much battery, and causes prostate cancer.

And most importantly, still not "like this other app" ("other app" meaning any of dozens).

My middle name must be "Mr Loser".

His humor and his attitude is what we love about Kostya so much.
 :) :) 8)

mikeone

  • Hero Member
  • *****
  • Posts: 2762
Re: PGP encryption should be moved to the top of the feature list
« Reply #36 on: December 23, 2015, 07:47:39 pm »
Agree.

Since I "bumped-up" this thread on 17th Dec, Kostya replied in other threads, not here.

@Kostaya, are you tired in repeating your phrases of older threads? It looks like it.

Well, If you really have nothing to say we need to make up our own minds, what the
silence you are spreading is meant to be....

But, as "crasdamage" already mentioned:

It's about being polite and respectful to get involved
in communication, especially if it's not only in general, but specificially addressing you personally.
@rob
Just to give you another example of "responsiveness" and "caring about users needs" by Kostya:

22. December 2015
http://www.aqua-mail.com/forum/index.php?topic=4212.msg23158#msg23158
Quote
...
I was so surprised to see the update with that issue listed (especially so soon after the previous update), and I tested it out immediately and the problem was fixed!

Fantastic work, Kostya!  Thanks much.

In my opinion working on things like "bugfixing" is even more important (for the users) than replying as for the umpteenth time to an already repeatedly discussed topic.

And just one more point:
Quote
Well, If you really have nothing to say we need to make up our own minds, what the
silence you are spreading is meant to be....
"Silence" could also simply be attributed due to the fact of scarce time resources...
« Last Edit: December 23, 2015, 07:49:52 pm by mikeone »

mikeone

  • Hero Member
  • *****
  • Posts: 2762
Re: PGP encryption should be moved to the top of the feature list
« Reply #37 on: December 23, 2015, 08:02:48 pm »
Regarding "polite and respectful to get involved in communication" I found this feedback from another happy user of AquaMail and the brilliant developer Kostya:

http://www.aqua-mail.com/forum/index.php?topic=2606.msg11126#msg11126
Quote
Out of thousands of apps available, this is one of three apps, I follow the forum and development process. Why? Because it's worth it to learn from brilliant ideas and open the mind for understanding what things make a real great app. I enjoy the personalities, humor and knowledge of such developers and how they interact with their users. So from me a big "Thank You Kostya" for all this!

reubendevries

  • Newbie
  • *
  • Posts: 4
Re: PGP encryption should be moved to the top of the feature list
« Reply #38 on: December 23, 2015, 10:01:55 pm »
( I, for one, can't understand why K9 is limited to the obsolete OWA for Exchange connectivity -- according to their Github page, they have 100+ contributors )

This is the beauty of open source a million developers not one fucking QA tester...

Hayling

  • Newbie
  • *
  • Posts: 1
Re: PGP encryption should be moved to the top of the feature list
« Reply #39 on: January 13, 2016, 09:41:59 am »
I have seen all the excuses of not implementing pgp and s/mime in these forums.

I would phrase the business case like this:
I recently started up a new company in the financial sector. In the sector there is a big need for encryption of private information due to security and fraudulent behaviour of some dark elements.

Aquamail  is an excellent app and appeals to most people due to a good and worked through gui and  engine

Maildroid, K9, Squeaky mail,  Outlook,  outlook.com and many other options out there is nothing in comparison to Aquamail. I have tried them all when I searched for an app that can do pgp or s/mime.  Most of them seem to be coded by coders who does not understand the need of eg syncing the sent box when on imap,  crappy gui, no proper scheduling of emails and a lot more.

Aquamail has a unique situation where you can grab a big market in both the financial services if you implement encryption no matter of what encryption you select. Also the health care sector,  government etc are in need of the encryption and most select to not do it on the phones as there are no good alternatives.

You can grab a bigger market share if you implement it in your app.  You can even replace the crappy outlook app that I used to like.
Private persons are good,  but think businesses instead. This where you market is.
And you can increase the license price due to this also.

But before you upgrade,  please use a proper pgp management app. There are many monkey pps out there that creates more issues and hassle for the users than if you use eg open keychain as the key manager. Agp is crap,  it cannot encrypt files for instance and some others are like as they gave not left the Ms Dos stage. 

You have made an excellent job with the app,  take it to the next level.
We had to pick one of the crappy apps above due to that yours didn't do pgp and s/mime.
That will most likely lead to that we will start using those apps instead and skip Aquamail no matter of how good the gui is.  Our clients means business to us and therefore we need to prioritise security for our customers more than a perfect beautiful gui.
This is a bigger risk for you than the few that select you,  ie people leaving your app if you do not listen to the need if proper functionality.

So,  I suggest you get your act together and move Aquamail to the next level and stop the excuses.
You can make Aquamail a profitable business if you just listen to the users.

I do foresee a risk that your app will disappear as you will not grow it further as people rather go for outlooks app and that app will catch up with yours.  That's what has happened over the past decades with other apps if they don't keep beating Microsoft.

The choice is yours only.
« Last Edit: January 13, 2016, 09:54:36 am by Hayling »

ExplorMann

  • Newbie
  • *
  • Posts: 1
Re: PGP encryption should be moved to the top of the feature list
« Reply #40 on: March 27, 2016, 06:49:47 am »
I run a small tech company.   What people seem to lose sight of is that Google is the problem, not the solution.  Because Google reads every email (if you are using Gmail), there is no way to legally protect the contents of anything posted to Google (any Google service, not just Gmail).  That means that if you want to send details of a new patent, for example, using Gmail (without you specifically encrypting your info) the patent is not legally defensible (as it is legally now in the public domain). 

Any and all emails, as well as other forms of communications using third party SaaS services, should always be encrypted (unless you don't care about your Intellectual Property).  Too many SaaS services cheat claiming security and privacy but only use SSL/TLS (which is good, but not great) between the client and the server, but then store your private info in cleartext on their third party servers so they can easily read them (and sell the info to "advertisers").  This is the norm and the only way to protect yourself is to encrypt the actual files (anything that can/is stored that also is beyond your exclusive control).  This applies to almost all SaaS services, not just those from Google.

Note please that OAuth does not do anything to address this problem.

 

dsamersoff

  • Newbie
  • *
  • Posts: 1
Re: PGP encryption should be moved to the top of the feature list
« Reply #41 on: May 11, 2016, 10:18:20 pm »
+1 for pgp encryption. It's the only reason I stay with maildroid for now.

double-gee

  • Newbie
  • *
  • Posts: 2
Re: PGP encryption should be moved to the top of the feature list
« Reply #42 on: May 19, 2017, 08:11:23 pm »
I totally agree: +1.
Signed up to this forum only to express my Support for this feature.

PGP/MIME and SMIME support are a must. Please implement both. For PGP you can easily use the OpenKeychain-Integration.

Itakfule

  • Guest
Re: PGP encryption should be moved to the top of the feature list
« Reply #43 on: June 15, 2017, 03:24:56 pm »
I hope that we can get Support for PGP/MIME as soon as possible, since this is from the beginning my most missed feature. Is there something planned in the near future?

double-gee

  • Newbie
  • *
  • Posts: 2
Re: PGP encryption should be moved to the top of the feature list
« Reply #44 on: August 13, 2017, 03:24:48 pm »
*bumping up*