1. You don't want to leave the user guessing: this is a very bad trait in software, and when it is manifest it makes the users mad. If the signature is invalid, say so; if the signature does not validate the message, say so. But don't leave the user guessing.
2. I still maintain that if the user presses SIGNATURE that PGP/MIME should activate by default.
3. If you must send clear text, send it as an attachment. You can add the signature by creating a detached signature.

On 04/07/2015 02:05 PM, Daniel Kahn Gillmor wrote:
> In a thread over on [email protected], i did a little thinking about the
> UI/UX for cleartext signature verification in e-mail clients.
>
> A thought experiment about clearsigned messages follows; i'd be happy to
> hear feedback.
>
>  * For cleartext messages, what if enigmail treated a bad signature and
>    no signature in exactly the same way, from the receiving user's
>    perspective?
>
> There are two ways this could be done:
>
>  0) for broken signatures, simply show no indication that enigmail
>     ever thought there might have been a signature on the message
>
>  1) for all unsigned messages, and for all messages with broken
>     signatures, always show a simple, passive enigmail header that
>     says "this message had no valid signature"
>
>
> The rationale that led me to this thought experiment is:
>
>  a) many MTAs can accidentally break signatures due to a variety of
>     reasons (line-wrapping, re-encoding, filtering, markup, etc)
>
>  b) it is trivial for any MTA that wants to *deliberately* break a
>     signature to do so.
>
>  c) it is trivial for a malicious MTA to modify an unsigned message so
>     that it looks like it has a broken signature from anyone it wants.
>
>  d) most users are not prepared to debug or repair failed signatures in
>     any way.  At best, they can forward the message to someone with more
>     skill who can look into it further.
>
>  e) from an end-user perspective, a broken signature is actually not
>     much different than no signature at all.  why highlight the
>     difference?
>
>
> What do you think?
>
>     --dkg
>
> PS the above proposal is not intended to address anything about
>    signed+encrypted messages; cleartext messages only.
>
> PPS i believe the above proposal is independent of the inline PGP
>     vs. PGP/MIME question.  If we can avoid this thread getting bogged
>     down in inline-vs-PGP/MIME, that would be lovely.
>
> PPPS as a software developer, a debugger, and someone who likes to look
>      at the internals of things, i find this proposal horrifying.
>      However, as someone who cares about the sanity of non-technical
>      users, i'm not sure how to justify inflicting the "BAD SIGNATURE"
>      UI/UX on them when there's not much they can do about it.
>
>
> _______________________________________________
> enigmail-users mailing list
> [email protected]
> To unsubscribe or make changes to your subscription click here:
> https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net

--
/Mike
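The two positions in this thread, side by side, as an added example that is not part of either message and is not Enigmail code: it reduces GnuPG `--status-fd` lines to one state and shows the header a reader would see under "always say so" (`explicit`) versus the quoted options 0 (`hide`) and 1 (`passive`). The policy names, the banner strings, the sample key ID and user ID, and the choice to fold an uncheckable signature (`ERRSIG`) into "no valid signature" are assumptions of this sketch.

```python
# Added example. Policy names and banner strings are invented for illustration.
GOOD, BAD, UNCHECKED = "GOODSIG", "BADSIG", "ERRSIG"

def classify(status_text):
    """Reduce GnuPG --status-fd output for one message to a single state."""
    seen = set()
    for line in status_text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "[GNUPG:]":
            seen.add(parts[1])
    # Worst result wins, so one bad signature is never masked by a good one.
    if BAD in seen:
        return "bad"
    if UNCHECKED in seen:
        return "unverified"   # e.g. public key not available
    if GOOD in seen:
        return "good"         # valid signature; key trust is a separate question
    return "none"             # unsigned, or a status this sketch does not model

def banner(state, policy):
    """Return the header text shown to the reader, or None for no header."""
    if state == "good":
        return "Good signature"
    if policy == "explicit":   # first reply: always tell the user what happened
        return {"bad": "BAD signature",
                "unverified": "Signature could not be verified",
                "none": None}[state]
    if policy == "hide":       # quoted option 0: no indication at all
        return None
    if policy == "passive":    # quoted option 1: one passive header for all
        return "This message had no valid signature"
    raise ValueError("unknown policy: " + policy)

# Constructed sample status output (key ID and user ID are made up).
SAMPLE_BAD = ("[GNUPG:] NEWSIG\n"
              "[GNUPG:] BADSIG 0123456789ABCDEF Alice Example <alice@example.org>\n")
SAMPLE_UNSIGNED = ""

if __name__ == "__main__":
    for policy in ("explicit", "hide", "passive"):
        for name, sample in (("broken", SAMPLE_BAD), ("unsigned", SAMPLE_UNSIGNED)):
            print(policy, name, "->", banner(classify(sample), policy))
```

Only under `explicit` do the broken and unsigned samples produce different headers, which is the distinction that rationale (c) says any MTA on the path can set at will.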
