With the 4.0 release the appearance of Mailvelope has changed a lot. At the beginning of 2019, we set ourselves the goal of developing a new design for Mailvelope in order to give the product Mailvelope a more independent identity. After the concept had been developed in cooperation with the UX designers of f209, it quickly became clear that Mailvelope would have to face extensive changes: Not only the previous standard Bootstrap theme was replaced by an individual design, but also larger areas of the application, such as file encryption, were completely redesigned for better usability. We also looked at the possibility of using a custom font that expresses our idea of Mailvelope. The redesigned Mailvelope logo, with its resemblance to the wax seals previously used in correspondence, now also provides a better recognition factor.
The aim was to make the whole appearance look more rounded. All in all, Mailvelope should be more fun to use. Our revision of the security background of Mailvelope shows that the changes to the design can also improve security. Users can now configure their individual background from a variety of symbols and colors and thus increase recognition.
Details about the rebranding can also be found in an article by f209. Furthermore, the redesign of Mailvelope was supported by Internews and the UXFund as well as the Open Technology Fund. We’d like to thank all participants for a good cooperation and the associated improvements of Mailvelope.
freenet & Web Components
The integration of Mailvelope into a webmail client should be as simple as possible. Besides our existing API we also offer web components with version 4.0 and are happy to have found a mail provider with freenet.de that uses this method to enhance freenet Mail with PGP encryption. Another new feature is that you don't have to create your own keyring anymore, but can manage keys in the main keyring of Mailvelope. In August the Mailvelope integration at freenet Mail will be activated in order to offer freenet users a comfortable and smooth option for end-to-end encryption.
As part of the project "Weiterentwicklung von Mailvelope" of the Federal Office for Information Security (BSI), a security audit of Mailvelope was carried out. The security vulnerabilities found in this audit have been fixed with release 3.3 (see Release Notes). The audit report with further details on the bugs will be published shortly. (Update: Mailvelope Extensions Security Audit Report).
Since version 3.3 Mailvelope also supports Autocrypt. The public keys are automatically exchanged via the mail headers and the system does not need a key server. Since Mailvelope takes over the administration of the keys and status information exchanged with Autocrypt, it can offer mail providers a simple and efficient possibility to implement Autocrypt themselves in the future.