Hi Mike-- On Tue 2015-04-07 17:55:49 -0400, Mike Acker wrote: > 1. you don't want to leave the user guessing: this is a very bad trait > in software and when it is manifest it makes the users mad. if the > signature is invalid,-- say so; if the signature does not validate the > message: say so. But don't leave the user guessing.
i'm not even sure what the difference is between "the signature is
invalid" and "the signature does not validate the message". Doesn't a
scary "this signature is broken" message actually leave most users
guessing anyway, because they don't know what it means, what caused it,
or what (if anything) they can do to fix it?
> 2. I still maintain that if the user presses SIGNATURE that PGP/MIME
> should activate by default.
My understanding is that Enigmail is moving to PGP/MIME by default
anyway; this is the diversion that i asked us to not get into in my PPS.
> 3. if you must send clear text, send it as an attachment. you can add
> the signature by creating a detached signature
??? I'm really not sure what to make of this last statement. Are you
suggesting that no one should ever send cleartext, signed messages (like
this one that i'm sending to the mailing list)?
--dkg
signature.asc
Description: PGP signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
