> 1. i might not want to download the key: the message may be in the > "macht nichts" category
So you disable the auto-download in the configuration menu. > 2. there are 3 options available to the user: And they can all be taken care of once the user expresses enough interest in the signature to find out what the problem is. > 2b try to get the key from the keyserver ( which keyserver, btw ) Whichever one they've configured Enigmail to use. We've had a keyserver setting for years. > it is critical not to cripple this thing by trying to make things too > automatic. we'll end up like SSL/TLS By which you mean, what -- we'll become a largely-invisible and largely-effective part of the information security ecosystem that's responsible for securing billions of dollars a day, and on balance does it surprisingly well? Man, I *hope* we wind up like TLS. :) > i like the idea of a pen with a ? mark over it for those messages which > are signed but for which we do not have a local copy of the sender's > public key I don't. It's unnecessary. The red X says everything that needs to be said: "There's a problem. Click here for more details." You've already got trinary icons (full color, grayed-out, and Xed). I draw the line there. _______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
