all-in-one privacy solution":["Proton Unlimited è una soluzione completa per la privacy"],"Black Friday":["Black Friday"],"No ads. Privacy by default.":["Niente pubblicità. La prima regola è la privacy."],"People before profits":["Le persone prima dei profitti"],"Security through transparency":["Più sicurezza grazie alla trasparenza"],"The best Proton Mail ${ BLACK_FRIDAY } deals":["Le migliori offerte di Proton Mail per il ${ BLACK_FRIDAY }"],"The world’s only community- supported email service":["L'unico servizio di posta elettronica al mondo supportato dalla community"]},"specialoffer:limited":{"${ hours } hour":["${ hours } ora","${ hours } ore"],"${ hoursLeft }, ${ minutesLeft } and ${ secondsLeft } left":["Restano ${ hoursLeft }, ${ minutesLeft } e ${ secondsLeft }"],"${ minutes } minute":["${ minutes } minuto","${ minutes } minuti"],"${ seconds } second":["${ seconds } secondo","${ seconds } secondi"],"Limited time offer":["Offerta a tempo limitato"]},"specialoffer:listitem":{"Create multiple addresses":["Crea indirizzi multipli"],"Hide-my-email aliases":["Alias hide-my-email"],"Quickly unsubscribe from newsletters":["Annulla rapidamente l'iscrizione alle newsletter"],"Use your own domain name":["Utilizza il tuo nome di dominio"]},"specialoffer:logos":{"As featured in":["Ne hanno parlato"]},"specialoffer:metadescription":{"Get an encrypted email that protects your privacy":["Scegli un'email cifrata per proteggere la tua privacy"]},"specialoffer:metatitle":{"Proton Mail Black Friday Sale - Up to 40% off":["Offerta Black Friday di Proton Mail - sconti fino al 40%"]},"specialoffer:newmetadescription":{"Get up to 40% off Proton Mail subscriptions this Black Friday. Find great deals on our secure end-to-end encrypted email plans.":["Per questo Black Friday ti offriamo fino al 40% di sconto sugli abbonamenti a Proton Mail. Scopri le straordinarie offerte sui piani di abbonamento alla nostra email dotata di crittografia end-to-end."]},"specialoffer:newmetatitle":{"Proton Mail Black Friday sale | Up to 40% off secure email":["Offerta di Proton Mail per il Black Friday | Fino al 40% di sconto sulla nostra email sicura"]},"specialoffer:note":{"* Billed at ${ TOTAL_SUM } for the first year":["* Addebito di ${ TOTAL_SUM } per il primo anno"],"*Billed at ${ TOTAL_SUM } for the first 2 years":["*Addebito di ${ TOTAL_SUM } per i primi 2 anni"],"30-day money-back guarantee":["Garanzia soddisfatti o rimborsati di 30 giorni"],"Billed at ${ TOTAL_SUM } for the first 2 years":["Addebito di ${ TOTAL_SUM } per i primi 2 anni"],"Billed at ${ TOTAL_SUM } for the first year":["Addebito di ${ TOTAL_SUM } per il primo anno"],"You save ${ SAVE_SUM }":["Risparmi ${ SAVE_SUM }"]},"specialoffer:off":{"${ DISCOUNT } off":["−${ DISCOUNT }"],"${ PERCENT_OFF } off":["−${ PERCENT_OFF }"]},"specialoffer:testimonial":{"I love my ProtonMail":["Adoro ProtonMail"],"My favorite email service":["Il mio servizio email preferito"],"Thanks Proton for keeping us all safe in the complicated internet universe.":["Grazie Proton perché ci proteggi nell'universo complicato di internet."],"You get what you pay for. In the case of big tech, if you pay nothing, you get used. I quit using Gmail and switched to @ProtonMail":["Ottieni quello per cui hai pagato. Nel caso di big tech, se non paghi niente, vieni usato. Ho smesso di usare Gmail e sono passata a @ProtonMail"]},"specialoffer:time":{"Days":["Giorni"],"Hours":["Ore"],"Min":["Min"]},"specialoffer:title":{"And much more":["E molto altro"],"Make your inbox yours":["Personalizza la tua casella di posta"],"Safe from trackers":["Protezione dai tracker"],"Stay organized":["Mantieni tutto organizzato"],"Black Friday email deals":["Offerte email del Black Friday"],"Don’t just take our word for it":["Non lo diciamo solo noi"],"Our story":["La nostra storia"],"Transfer your data from Google in one click":["Trasferisci i tuoi dati da Google con un solo clic"]},"specialoffer:tooltip":{"Access blocked content and browse privately. Includes ${ TOTAL_SERVERS }+ servers in ${ TOTAL_COUNTRIES }+ countries, connect up to 10 devices, access worldwide streaming services, malware and ad-blocker, and more.":["Accedi a contenuti bloccati e naviga in modalità privata. Include ${ TOTAL_SERVERS } server in più di ${ TOTAL_COUNTRIES } Paesi, possibilità di connettere fino a 10 dispositivi, accesso a servizi di streaming in tutto il mondo, blocco di malware e adblocker, e altro ancora."],"Easily share your calendar with your family, friends or colleagues, and view external calendars.":["Condividi facilmente il tuo calendario con familiari, amici o colleghi e visualizza calendari esterni."],"Includes support for 1 custom email domain, 10 email addresses, 10 hide-my-email aliases, calendar sharing, and more.":["Include il supporto per 1 dominio email personalizzato, 10 indirizzi email, 10 alias hide-my-email, condivisione del calendario e altro ancora."],"Includes support for 3 custom email domains, 15 email addresses, unlimited hide-my-email aliases, calendar sharing, and more.":["Include il supporto per 3 domini email personalizzati, 15 indirizzi email, alias hide-my-email illimitati, condivisione del calendario e altro ancora."],"Manage up to 25 calendars, mobile apps, secured with end-to-end encryption, 1-click calendar import from Google, and more.":["Gestisci fino a 25 calendari, app per dispositivi mobili, protezione con la crittografia end-to-end, importazione del calendario da Google in un solo clic e altro ancora."]},"Status Banner":{"At the moment we are experiencing issues with the Proton VPN service":["Al momento abbiamo dei problemi con il servizio di Proton VPN"],"Learn more":["Scopri di più"]},"Status banner":{"Learn more":["Scopri di più"],"Please note that at the moment we are experiencing issues with the ${ issues[0] } service.":["Attenzione: stiamo riscontrando dei problemi con il servizio di ${ issues[0] }"],"We are experiencing issues with one or more services at the moment.":["Stiamo riscontrando dei problemi con uno o più servizi."]},"suggestions":{"Suggestions":["Suggerimenti"]},"Support":{"Sub category":["Sottocategoria","Sottocategorie"]},"Support article":{"${ readingTime } min":["${ readingTime } minuto","${ readingTime } minuti"],"Category":["Categoria","Categorie"],"Didn’t find what you were looking for?":["Non hai trovato quello che cercavi?"],"General contact":["Contatti generali"],"Get help":["Ottieni supporto"],"Legal contact":["Contatti legali"],"Media contact":["Contatti per la stampa"],"Partnerships contact":["Contatti per collaborazioni"],"Reading":["Lettura"]},"Support categories":{"Browse Proton product support":["Consulta l'assistenza sui prodotti Proton"]},"Support category":{"There is no article in this category yet.":["Per ora non ci sono articoli in questa categoria."]},"Support troubleshooting":{"--- Select ---":["--- Seleziona ---"],"Adding and importing contacts":["Aggiungere e importare i contatti"],"App version":["Versione dell'app"],"Automatically save contacts":["Salvare automaticamente i contatti"],"Bridge connection issues with Outlook, Apple Mail or Thunderbird":["Problemi di connessione al Bridge con Outlook, Apple Mail o Thunderbird"],"Browser":["Browser"],"Check if this helps":["Verifica se questo ti è utile"],"Choose a category for your question":["Scegli una categoria per la tua domanda"],"Connectivity errors on Android and iOS":["Errori di connessione su Android e iOS"],"Contacts":["Contatti"],"Custom domain":["Dominio personalizzato"],"Desktop notifications":["Notifiche desktop"],"Did this solve your issue ?":["Ti ha risolto il problema?"],"Difference between Combined Addresses Mode and Split Addresses Mode":["Differenza tra le modalità Indirizzi combinati e Indirizzi separati"],"Differences between addresses, aliases, and sub-users":["Differenze tra indirizzi, alias e sotto-utenti"],"Email notifications":["Notifiche email"],"Email tracking protection":["Protezione contro il tracking delle email"],"Encryption":["Crittografia"],"Encryption keys management":["Gestione delle chiavi crittografiche"],"Faster assistance is just a few clicks away — please make your selections":["Ottieni assistenza più velocemente con pochi clic. Fai la tua selezione"],"How to avoid receiving spam messages":["Come evitare di ricevere messaggi spam"],"How to block unwanted email":["Come bloccare le email indesiderate"],"How to configure your email client for Bridge":["Come configurare il client di posta del Bridge"],"How to create contact groups":["Come creare dei gruppi di contatti"],"How to create or edit CSV contacts":["Come creare o modificare i contatti CSV"],"How to install Proton Mail Bridge":["Come installare Proton Mail Bridge"],"How to merge duplicate contacts":["Come unificare i contatti duplicati"],"How to send encrypted messages to external users":["Come inviare messaggi crittografati agli utenti esterni"],"How to set up a custom domain":["Come configurare un dominio personalizzato"],"How to unsubscribe from Apple’s TestFlight notification emails":["Come annullare l'iscrizione alle email di notifica TestFlight di Apple"],"How to use auto-reply":["Come usare la risposta automatica"],"How to use filters":["Come usare i filtri"],"How to use folders and labels":["Come usare le cartelle e le etichette"],"How to use PGP encryption":["Come usare la crittografia PGP"],"Invalid password error while setting email client for Bridge":["Errore “password non valida” nella configurazione del client di posta del Bridge"],"Login security notification alerts":["Notifica di sicurezza relativa all'accesso"],"Manage mailbox appearance":["Gestire l'aspetto della casella email"],"Mobile connectivity and synchronization":["Connessione e sincronizzazione dei dispositivi mobili"],"No, contact support":["No, contatta il supporto"],"Notifications":["Notifiche"],"Other":["Altro"],"Problems with deleting messages":["Problemi a eliminare i messaggi"],"Problems with moving messages":["Problemi a spostare i messaggi"],"Problems with read/unread message status":["Problemi con lo stato dei messaggi letti/da leggere"],"Proton Mail Bridge":["Proton Mail Bridge"],"Proton Mail settings":["Impostazioni di Proton Mail"],"Push notifications not arriving":["Notifiche push che non arrivano"],"Sending and receiving messages":["Invio e ricezione dei messaggi"],"Sending and receiving messages limitations":["Limitazioni nell'invio e nella ricezione dei messaggi"],"Sending and receiving troubleshooting":["Risoluzione dei problemi di invio e ricezione"],"Spam filtering, Allow and Block lists":["Filtro antispam, liste di indirizzi autorizzati e bloccati"],"Sub-users and organizations":["Sotto-utenti e organizzazioni"],"Thank you for your feedback":["Grazie per il feedback"],"Troubleshooting":["Risoluzione dei problemi"],"Verify custom domain records & anti-spoofing":["Verificare i record dei domini personalizzati e l'anti-spoofing"],"What can we help with ?":["In cosa possiamo esserti di aiuto?"],"What if your domain records fail (TXT, MX, SPF, DKIM, DMARC)":["Cosa fare se ci sono dei problemi con i record del dominio (TXT, MX, SPF, DKIM, DMARC)"],"What is encrypted on Proton Mail":["Che cosa è crittografato su Proton Mail"],"Yes":["Sì"]},"support_modal_search_query":{"How to use a custom domain?":["Come si usa un dominio personalizzato?"],"Search query":["Query di ricerca"]},"support_modal_search_result":{"Search result":["Risultato della ricerca"]},"support_modal_title":{"Blog search":["Ricerca nel blog"],"Support search":["Cerca nell’assistenza"]},"support_search_button":{"Search":["Cerca"]},"support_search_i_am_looking_for":{"I'm looking for":["Sto cercando"]},"SupportForm":{"For a faster resolution, please report the issue from the Bridge app: Help > Report a problem.":["Per una risoluzione più rapida, segnala il problema dall'app Bridge: Aiuto > Segnala un problema."],"Information":["Informazioni"]},"SupportForm:option":{"Account Security":["Sicurezza dell'account"],"Contacts":["Contatti"],"Custom email domain":["Dominio email personalizzato"],"Email delivery and Spam":["Consegna delle email e spam"],"Encryption":["Crittografia"],"Login and password":["Login e password"],"Merge aliases and accounts":["Unione di alias e account"],"Migrate to Proton":["Migrazione a Proton"],"Notifications":["Notifiche"],"Other":["Altro"],"Plans and billing":["Piani e fatturazione"],"Proton for Business":["Proton for Business"],"Sign up":["Iscrizione"],"Storage":["Archiviazione"],"Users, addresses, and identities":["Utenti, indirizzi e identità"]},"SupportForm:optionIntro":{"Select a topic":["Seleziona un argomento"]},"swiss_baseed_feature":{"Swiss based":["Con sede in Svizzera"]},"Testimonial":{"Awards":["Premi"],"Customers":["Clienti"],"Featured":["In evidenza"],"Go to testimonial source":["Vai alle testimonianze"],"Reviews":["Recensioni"],"Videos":["Video"]},"Text":{"Find the plan that's right for you":["Trova il piano che fa per te"],"If you need help, check out our ${ supportLink }.":["Se ti serve assistenza dai un’occhiata alla nostra ${ supportLink }."],"The page you’re looking for might have been removed, or it could be an\nold link.":["La pagina che stai cercando potrebbe essere stata rimossa, o il link potrebbe essere vecchio."]},"Title":{"On this page":["In questa pagina"],"Related articles":["Articoli correlati"],"Share ${ thisPage }":["Condividi ${ thisPage }"],"Thank you!":["Grazie"],"this page":["questa pagina"]},"Tooltip":{"More information":["Ulteriori informazioni"]},"tooltip_calendar":{"Create up to 20 custom & shareable encrypted calendars. On top of that, add up to 5 calendars from friends, family, colleagues, and organizations.":["Puoi creare fino a 20 calendari cifrati personalizzati e condivisibili. Puoi inoltre aggiungere fino a 5 calendari di amici, familiari, colleghi e organizzazioni."]},"tooltip_vpn":{"Access blocked content and browse privately. Includes ${ TOTAL_SERVERS }+ servers in ${ TOTAL_COUNTRIES }+ countries, highest VPN speed, ${ TOTAL_VPN_CONNECTIONS } VPN connections, worldwide streaming services, malware and ad-blocker, and more.":["Accedi a contenuti bloccati e naviga in modalità privata. Il piano include più di ${ TOTAL_SERVERS } server in oltre ${ TOTAL_COUNTRIES } Paesi, massima velocità della VPN, ${ TOTAL_VPN_CONNECTIONS } connessioni alla VPN, servizi di streaming in tutto il mondo, anti-malware, ad-blocker e altro ancora."],"Access blocked content and browse privately. Includes ${ TOTAL_SERVERS }+ servers in ${ TOTAL_COUNTRIES }+ countries, highest VPN speed, 10 VPN connections, worldwide streaming services, malware and ad-blocker, and more.":["Accedi a contenuti bloccati e naviga in modalità privata. Il piano include più di ${ TOTAL_SERVERS } server in oltre ${ TOTAL_COUNTRIES } Paesi, massima velocità della VPN, 10 connessioni alla VPN, servizi di streaming in tutto il mondo, anti-malware, ad-blocker e altro ancora."]},"version_history_label":{"Version history":["Cronologia delle versioni"]},"version_history_tooltip":{"Store up to ${ versionHistoryNumber } versions of each file for up to ${ years } years":["Conserva fino a ${ versionHistoryNumber } versioni di ciascun file fino a un massimo di ${ years } anni"]},"VideoModal":{"Get started in 2 minutes":["Inizia in 2 minuti"]},"videosButtonLabel":{"Get started with videos":["Inizia con i video"]},"vpn_features_link":{"View VPN plans":["Visualizza i piani VPN"]},"vpn_features_useCase":{"Access blocked content and browse privately":["Accedi ai contenuti bloccati e naviga in modalità privata"]}}},"unleashApi":"https://account.proton.me/api"};
// We need to import data (the framework context) from the server
// This Astro feature with define:vars works well but creates an inline script
// So we can't directly import the initFramework helper, we have to store the context
window.frameworkContext = frameworkContext;
})();
In October 2022, Proton developed its own OpenPGP certificate authority (CA), ProtonCA, and began signing encryption keys to guarantee that they belong to a specific account. This allows OpenPGP users to trust other users’ PGP keys and makes sending end-to-end encrypted (E2EE) messages easier.
This article explains why CAs are necessary for OpenPGP, why we decided to develop a CA, and how our CA works.
Why is Proton acting as a certificate authority?
OpenPGP, the open-source encryption standard we use to end-to-end encrypt emails on Proton Mail, is one of the most secure ways to communicate online, but even it has minor potential vulnerabilities. One issue is anyone can create a key and claim it belongs to a specific email address. This could potentially allow an attacker to substitute in a PGP key they created for yours, giving them access to any messages encrypted using that key.
This issue exists in other cryptography protocols as well. For example, the Transport Layer Security protocol (TLS) that protects all websites that use HTTPS relies on a few centralized CAs to verify that a specific key belongs to the person or website claiming it. To address this issue, the OpenPGP community recently developed OpenPGP CA(new window), making it easy to deploy decentralized CAs. The goal is to create a broad system with many CAs working together to eliminate points of failure.
We decided to launch ProtonCA because we’re uniquely positioned to act as a CA. We can easily confirm that a specific key belongs to a particular email address as we control the email domain. While Proton users will not see any major difference in service, this will make life much easier for people that use PGP to send E2EE emails to Proton users. Now, no matter how you get a hold of a Proton user’s PGP key, you can be sure that it’s valid and recent (actively used within the past six months) if ProtonCA signed it.
Third-party signatures
The underlying technology OpenPGP CA uses — third-party signatures — has existed for years. Third-party signatures are the primary tool CAs use to authenticate a key. Basically, if you’re a CA, you add your signature to someone else’s key, stating that you’ve verified it belongs to them. This creates a tamperproof binding between the key and the user.
For example, Alice wants to send an email to Bob, so her first step is to retrieve his public encryption key. This downloaded key contains a signature from Ted stating that he certifies this key belongs to Bob. If Alice trusts Ted to correctly verify Bob’s identity, then she indirectly trusts Bob’s key. Ted is the trusted authority in this case, acting as a (very small) CA.
How ProtonCA works
At Proton, we developed ProtonCA according to the system outlined by OpenPGP CA to act as a CA for the keys of millions of Proton users.
All email addresses hosted by Proton have a key that allows them to receive E2EE messages. ProtonCA adds a third-party signature to each email encryption key using a master key called the CA key. This certifies that Proton guarantees the key belongs to the address associated with it. When a key is generated or imported to Proton Mail, ProtonCA verifies that it’s only associated with one email address, the one it was uploaded for. We then sign the key and store it on our servers. Proton does not verify the identity of individual users (for example, we do not require our users to provide a government ID). ProtonCA simply confirms that a particular email address corresponds to a specific key.
Let’s go back to our original example with Alice and Bob, but let’s replace Ted with ProtonCA. Now, when Alice fetches Bob’s key, she will receive a key with a ProtonCA signature stating that bob@proton.me uses that key. Alice, who might be using an external OpenPGP client, can verify the authenticity of this signature, and if she trusts Proton, she’ll indirectly trust this key automatically. This trust applies regardless of how Alice obtained Bob’s key. Even if she found it on an insecure medium, ProtonCA’s signature makes it tamperproof.
ProtonCA’s signature also adds non-repudiability to keys served by Proton. In other words, if Proton serves a bad key, ProtonCA’s signature proves the key was downloaded from Proton. This would reduce trust in Proton and disincentivize us from serving malicious keys.
To avoid certifying old keys, ProtonCA enforces a strict expiration policy. Each key is certified for six months at a time. A month before a certificate expiration, ProtonCA checks to see that the associated email address is still active and the current key has not been removed. If both criteria are met, ProtonCA will renew the certification for an additional six months.
How to trust ProtonCA in other OpenPGP clients
The ProtonCA key can be retrieved here(new window) and has the following fingerprint: 0a8652fe5d53386057899fe9d806c1af5978e8c7.
You can import this key into your GnuPG keyring using the following command:
Since OpenPGP CA’s goal is to set up a decentralized signature system, having a single central CA that issues signatures would defeat the purpose. That is why we’ve added support for certifications on imported PGP keys.
You can set up your own instance of OpenPGP CA(new window) or sign the keys using Sequoia or GnuPG and then import these directly into Proton. You simply need to import the signed private key for the desired address. The public key that we’ve made available to Proton Mail users via Web Key Directory (WKD)(new window) or our Public Key Server (PKS)(new window) contains the imported signature.
Note that if you want to add a new key, the signature will not automatically be transferred to the new key. You will need to sign it again manually after it has been added.
UPDATE October 28, 2022: This article added three paragraphs explaining how to set your trust level lower than five.
Protecting a folder with a password is a simple yet effective way of securing
files. You may wonder whether you can password-protect a folder in Google Drive.
We explain what access controls Google Drive offers and what you can do to
improve your sec
We’re excited to announce that Proton Pass supports passkeys for everyone,
allowing you to manage and use passkeys across all devices seamlessly. Passkeys
are an easy and secure alternative to traditional passwords that can help
prevent phishing atta
Passkeys are a new way to secure your online accounts using cryptographic keys
instead of passwords. They offer a high level of convenience and security, and
are a real game-changer in the way we access and secure sites. What is a
passkey, though, an
Apple’s marketing team has built a powerful association between the iPhone and
privacy. The company’s ad campaigns claim that “what happens on your iPhone,
stays on your iPhone.” And, “Privacy. That’s iPhone.”
But Apple’s lawyers are telling a diffe
A cyberattack on national public employment service France Travail has exposed
the personal data of as many as 43 million people.
The latest breach is the second major cybersecurity attack to happen in France
in the past month, raising concerns abo
Google Drive makes it easy to share files and folders, but you may have wondered
at some point whether the people you’ve shared a folder with can see your other
folders. We answer this question below and also share some tips for truly secure
link sha
In 2014, Proton Mail was introduced as a web app, revolutionizing how we think
about email privacy.
Today, we’re excited to broaden the horizons of secure communication by
launching the Proton Mail desktop app. Anyone can now use the new Proton Mail