I have thought some time about the user interface / user experience of Enigmail, because in my environment I see that many normal users struggle to work with enigmail - even if they'd like to.
I looked a bit through the UI and especially the start (generating keys) seems quite hard, because for people not into encryption it includes reading a lot of stuff, they do not yet know about. I had the discussion with other people, that encryption should be hard and you have to read into it, but in my opinion if we really want a large base of users to encrypt - and this is a topic at the moment, because we see political advantage to abandon encryption - we have to create an accessible UI, which introduces new users into the world of encryption easily *and then* let's them learn step by step. Thus, I think we'd have to move the key generation to an easier locatable place. Currently it's hidden in "Key management" at the top right side and "key management" itself is hidden in the middle of a lot of options, when we open the Enigmail menu. Then the Key Generation process could be designed with more UX in mind. At the moment it's mainly a bunch of input fields jumping onto the user without any comments. The most minor thing is probably that many users do not know the term "Passphrase" opposed to "Password" (I know the reasons for the discussion between those two and why GPG prefers passphrase). I would move the unimportant options totally away or to a more invisible place. "no passphrase" is not a recommended option, as little as "key does not expire". and not many newcomers will use the "comment" field. With these three away, the generation process looks easier. And experts will still find the options at a better hidden place (own tab or just more on the right side). Then we'd need more explaining texts. Most newcomers will not know what to choose when seeing "Key expires in X years". Here we should explain why this has to be chosen. E.g. we can explain what happens if the key is lost or stolen (not mentioning revocation certificate, because it would introduce another difficult term too early, but thinking ourselves, that this is also lost). We could also explain that all credit cards, personal identity cards (at least in Germany and Austria) have a valid date. Such officia important documents are not issued forever, in case of loss. This would in my eyes make the key generation much easier for outsiders. And then I'd go on as normal with displaying a message, that the user should create a revocation certificate. Don't know now if it explains what a rev certificate is. If yes: everything fine; if not: let us explain it. Would be cool if we could make the introduction for new users easier, so that more people use cryptography for mails. I read that thunderbird only has 1% market share (don't know if we can trust that, but maybe yes due to webmail), but still I know people who use Thunderbird and fail at beginning with Enigmail without my help. I also know we have documentations and stuff, but modern / good UI should be self-explanatory. _______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
