On 08/04/15 17:33, Daniel Kahn Gillmor wrote: > On Tue 2015-04-07 16:52:51 -0400, Philip Jackson wrote: >> I would prefer to have the information that the signature existed but >> was broken. This provides a hint that the sender cared sufficiently >> and believed that the message content deserved a signature. It is an >> item of meta-data that should be of interest to the receiver. > > I guess i'm not proposing that we must hide all of this information > entirely from the user -- if there is a permanent enigmail header view, > we could expose it the "details" button, for example. I'm just > questioning the need to display it in scary colors, or to foreground the > breakage if the user really doesn't have many options to deal with it > effectively, and if we're not also highlighting the lack of integrity or > authenticity of unsigned messages.
That would be fine. > >> Even if he automatically signs everything he sends out (which would >> tend to lessen the concern about any individual item deserving a >> signature), it is, in my opinion, still of interest to know that the >> message was signed. > > I agree it's of interest to some people. But if we're aiming for > enigmail to be useful to a wide range, is a broken signature indicator > something we want the general public to have to deal with? Hiding the information from any user would, in my opinion, be undesirable. This is not to say we should go to the other extreme and hoist warning flags in garish colors. Some sort of middle way must be found where a 'gentle' indication of signature failure is given and this should be backed up by further information (as detailed as you like) behind the 'Details' button. > >> If the contents of the message with a broken signature flag were of >> sufficiently high priority to me, I could take some action to contact >> the sender by other means - encrypted email, phone, snail mail, direct >> contact or by a sign left beneath a bush in the local park. > > Surely this is true of unsigned mail as well, no? True
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
