On 3/17/15 11:46 PM, Robert J. Hansen wrote:
Um, since when? Hasn't the CW always been to have the user upload their key to a key server?Emphatically: no! There are places in the world that will throw you in jail for using crypto. People in these places tend to, and probably are correct to, avoid using keyservers for fear they'll come to the attention of the local secret police.
I read your report, and others, from Circumvention; and in fact I've worked with people in this situation in the past. I understand that they have special needs, and I think we should do what we can to help them.
But what percentage of overall enigmail users are they, and how likely are they to blindly send their key to a keyserver rather then blindly click a button to attach their public key?
I don't see this user community as a driving force for the defaults, but perhaps I am missing something?
One interesting thing that I did see coming out of the reports from Circumvention is the need for something like the new toolbar to tell users in that community that their messages are, or are not signed/encrypted. If it were me, I would have created something similar to the new toolbar, but just large enough for some 10 pt. type and a little border, with nothing but this status information on it. I would have made it off by default, but with a check box in the enigmail advanced features to add it to the compose window. That way users who need this level of reminder/assurance can have it (above and beyond the icons changing colors), but users who don't need/want it wouldn't be confronted with the angry red letters.
I realize that I may be coming off as negative here, but I don't mean to be. The new icons are great, they're just in the wrong place. The status bar is not a horrible idea, but it should be off by default, and smaller. IMO a little bit of additional refinement would make this release both more useful, and more palatable.
Doug --I am conducting an experiment in the efficacy of PGP/MIME signatures. This message should be signed. If it is not, or the signature does not validate, please let me know how you received this message (direct, or to a list) and the mail software you use. Thanks!
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
