> "Valid signature using untrusted key..." ? I'd actually go even further. I'd break it into two entries: "Digital signature" and "Confidence". E.g.:
Digital signature: PRESENT Confidence level: NONE Then let people click on each to get more detailed information. E.g., if they click on "None" a pop-up window might say, "Although the digital signature is present, it cannot be verified because you do not have the sender's public key." Or, "Although the digital signature is present, it does not match the message. Either the message or the signature may have been tampered with." Or, "Although the digital signature is present, there is no reason to believe it was actually sent from <insert user ID>." Etc. Present the user with minimum (but still useful) information, and click to reveal a more human-readable explanation. I would also suggest that we consider diverging from GnuPG's terminology. GnuPG is a command-line application; Enigmail is a GUI application. Language that makes sense in one context may not make sense in another. GnuPG needs to deliver maximum information in the minimum number of words, which means their language will tend to be terse and cryptic. We don't have that problem. We have the luxury of room to explain things -- maybe we should consider exploiting that!
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
