On Wed 2015-03-18 03:23:04 -0400, Doug Barton wrote: > On 3/17/15 11:03 PM, Daniel Kahn Gillmor wrote: >> My composition toolbar currently already has: >> >> Send | Spelling | Attach | S/MIME | Save > > Yes, that's the default, and I have those as well (icons and text).
thanks for the reportback, and for the screenshot. I guess i should note that while we have the same buttons in the same layout, our icons are entirely different (i'm running Debian GNU/Linux, i suspect our OS integration packages are involved with these decisions). So it may not be possible for enigmail to ship icons that match everyone's iconsets, without selecting icons from thunderbird's default set. > They are not necessary to have as part of the compose window itself. The > icons for encrypt and sign already change status when those features are > enabled. That will serve for your "status" indicator. I experimented > with moving those two buttons up to the composition toolbar, and it > works ... I attached an example. It would be nice if the icons were a > little cleaner and matched the existing style better, but it's a good > start. Users for whom this is cramped and do not use S/MIME could simply > delete that button. Alternately, users who do not want the new toolbar can do the customization you just did. That is: start with the beginner mode, and let advanced users customize. > You listed some good questions, and like you I don't want to get dragged > down into arguing them point by point. However they are all questions > that new users need to learn the answers to. Putting a shiny button for > attaching their public key doesn't aid in that process. Thanks for not arguing with the questions -- they weren't intended as points for debate, just as a handful of the thousand papercuts that people run into when trying to use these tools for the first time. I think we have a couple choices: (a) we can expect that users learn the answers (and rationales) behind all of these questions before they ever start to use the tool, or (b) we can help them get started and then help them answer these questions later, as they come up. As a community, we seem to have been trying (a) for a long time. And i'm a big fan of it too -- i really really want people to understand the nuances. But we've been failing at getting people to just use the tools, and without users, the tools don't achieve their purpose. Enigmail is currently in the middle of a grand experiment at pushing toward (b). I welcome this change. >> Unencrypted mail will be in the clear, just like the many web sites we >> still use that are in the clear (for routine business communications >> like http://amazon.com/, for example). Users should know about this. > > I may regret asking this question, but why? For users who have not > explicitly enabled signing and/or encryption what good thing will come > from hitting them over the head with the fact that their messages are > not signed or encrypted (just like they never have been in the past)? As said on the chromium proposal about marking HTTP as non-secure: "The goal of this proposal is to more clearly display to users that HTTP provides no data security." I think you're operating from the default assumption that everyone knows From the beginning that networked communications are insecure, and that this should be the default (quiet) state of the UI. I'm not sure most people besides computer security nerds like us really understand that, though maybe some more of them do now, post-Snowden. I believe that we should expect more from our tools, and that the default (quiet) state of the UI should be when the communications channels we use *are* secure, and that otherwise we should have clear indicators. All the best, --dkg
signature.asc
Description: PGP signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
