So looks like the major things have been fixed:
-
I was able to export a whole folder of emails not one by one. A zip file was produced with all the .eml messages.
-
Using recovery email only for recovery only seems to also be resolved for new accounts so that looks good.
-
It does not appear that SES is being used as a backup anymore either, which is good.
-
The transparency page at least now makes some mention of the audits and when they took place. I assume the issue with providing them, or a letter of attestation is that it needed to be negotiated when the audit took place which is now not possible. An extra column there in that table perhaps describing the scope should be possible though.
-
Now that source code has been released we can also mention that too. @amilich I think it would be a good idea to produce a blog article on that. You’ve mentioned it in the marketing email with a link to @skiff-org/skiff-crypto - npm. For major announcements like that I’d probably always make sure there’s some mention of it on the blog.