Let's say you create PGP keys that expire in a year. You hand out the public key to someone and they send you an encrypted email. You then download the email from your email provider/host into the Thunderbird client where you have the private key and decrypt the email.
If you’re using IMAP, does the copy of the email on the email provider/host inbox remain encrypted or is it also decrypted when you decrypt it in Thunderbird?
At the end of the year when the PGP keys expire, what happens to the encrypted email? When you decrypt it, does it stay unencrypted on both Thunderbird and the email provider/host inbox (using IMAP), or is it just decrypted in Thunderbird but remains encrypted on the provider/host inbox, or is the email always encrypted and you lose the ability to read the email when the PGP keys expire?
So the public key expires but not the private key? What if I delete the private key, will I still be able to read my email if I already previously decrypted it? Or what if my private key was stolen and I needed to deactivate it and create a new one?
So the public key expires but not the private key?
They do not truly exist in isolation. The public key is what everyone else sees, and is the only logical place to attach an expiration policy for others to see.
What if I delete the private key, will I still be able to read my email
No.
The entire security of the system is predicated on this being true.
if I already previously decrypted it?
Yes, decryption results in plaintext.
(I originally misread this question so I split the part I was replying to.)
Or what if my private key was stolen and I needed to deactivate it and create a new one?
Ah, welcome to the woes of key management. PGP doesn’t really protect you from a total key compromise (though it can help if a subkey is compromised). Additionally, PGP encryption isn’t forward-secure, so if your key is stolen, the thief can read all the encrypted emails you ever received.
This is one reason why private messaging apps are considered generally safer than PGP or other encrypted email solutions.
Metadata (sender, recipient, subject) is often sent unencrypted, visible to both mail servers and intermediaries.
There is a strong societal argument as well: there are 8+ billion emails, but after 30+ years of PGP, only 60,000 keys are in the largest keyserver. This ratio (roughly 140000:1) strongly suggests that e2ee that is optional will not get adopted over time (take note, Telegram).
So if it has been decrypted and I then delete the private key, I would still be able to read the email forever because it has been converted to plaintext with encryption removed, correct?
I would also assume that if I decrypt it in Thunderbird, then the email would also be decrypted on my email provider/host inbox when using IMAP, which syncs everything, correct?
I’m asking because if the email provider/host doesn’t have encryption at rest, then could they still read the email once I decrypt it because of IMAP? Or another way to look at it is, if I use an email provider that DOES have encryption at rest like mailbox.org, then could they read the email once I decrypt it in Thunderbird because of IMAP?
I would also assume that if I decrypt it in Thunderbird, then the email would also be decrypted on my email provider/host inbox when using IMAP, which syncs everything, correct?
I don’t know what Thunderbird does under the hood. I believe it only syncs the encrypted copy, and you need your private key around to continue to decrypt old messages. But don’t quote me on that.
I’m asking because if the email provider/host doesn’t have encrypt at rest, then could they still read the email once I decrypt it because of IMAP.
I’d be extremely surprised if any PGP integration didn’t think of this attack vector.
PGP isn’t just for email, it’s also for files. If you decrypt a PGP-encrypted file with your private key, it will save the plaintext to disk. Then if you delete your private key, the plaintext is still there until you decide to delete that too.
Whether Thunderbird does the right thing with preventing plaintext from being uploaded is an implementation question that requires studying their source code to answer conclusively.
@soatok - Good info and much appreciated. I was thinking the best way to test IMAP is to decrypt the email in Thunderbird, then log in to my email provider online (web mail) using my browser and check the same email to see if it’s readable. As far as I know, this should give me the answer.
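The same check can be done without webmail by pulling the raw stored copy over IMAP and looking at its MIME structure: a message Thunderbird left alone still carries the RFC 3156 multipart/encrypted envelope, while a written-back plaintext body does not. This is an added example, not code from the thread or from Thunderbird; the function names, the IMAPS connection details and the two sample messages are all constructed here.

```python
import email
import imaplib
from email import policy

PGP_ARMOR = "-----BEGIN PGP MESSAGE-----"

def classify_stored_copy(raw: bytes) -> str:
    """Return "pgp-mime" (RFC 3156 envelope), "inline" (armored block in a
    text part) or "plaintext" (no PGP envelope: the provider can read it)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    proto = msg.get_param("protocol", header="Content-Type")
    if msg.get_content_type() == "multipart/encrypted" and proto == "application/pgp-encrypted":
        return "pgp-mime"
    for part in msg.walk():
        if part.get_content_maintype() == "text" and PGP_ARMOR in part.get_content():
            return "inline"
    return "plaintext"

def fetch_raw(host: str, user: str, password: str, uid: str) -> bytes:
    """Fetch one message by UID over IMAPS; BODY.PEEK leaves \\Seen untouched.
    Host, account and UID are caller-supplied (hypothetical; not run below)."""
    with imaplib.IMAP4_SSL(host) as conn:
        conn.login(user, password)
        conn.select("INBOX", readonly=True)
        status, data = conn.uid("FETCH", uid, "(BODY.PEEK[])")
        if status != "OK":
            raise RuntimeError(f"FETCH returned {status}")
        return data[0][1]

# Constructed samples, not real ciphertext. First: what the IMAP copy should look
# like if only the encrypted original was synced. Second: a written-back plaintext.
SAMPLE_PGP_MIME = b"""\
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1
--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----
hQEMA0constructedPlaceholderOnly=
-----END PGP MESSAGE-----
--b1--
"""
SAMPLE_PLAINTEXT = b"""\
Content-Type: text/plain; charset="utf-8"

Revenue was down 12%; do not forward.
"""
```

Run `classify_stored_copy(fetch_raw(...))` against the message you just opened in Thunderbird; anything other than "pgp-mime" or "inline" means the provider now holds readable plaintext.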