Hi all-- Today i have done several trial run-throughs, thunderbird 1:52.6.0-1+b1 + enigmail 2:2.0~beta2-1 on debian testing/unstable. I have a few observations and recommendations about the setup wizard.
I chose the "standard configuration (recommended for beginners)". all the recommendations below are only for people using the wizard in "standard mode". -------------------------------- * New key creation password requirement. Currently the wizard requires that the user enter a password of at least 8 characters. It's not clear that treating this as a hard requirement is a good idea. Having the "password strength" meter gives the user some sense of how good their password is. But perhaps we can let users make their own decisions about when their password is chosen. There are legitimate "opportunistic" e-mail encryption approachs that discourage the use of passwords entirely. Recommendation: remove the hard requirement of 8 chars minimum. * The "create key" part of the dialog box has scrollbars, which makes it pretty awkward to use:
Recommendation: resize the dialog box to not need the scrollbars * The text in the "create key" dialog box is quite a lot. It's much more than any beginner who chose a standard configuration will probably read. Recommendation: Remove all of the current text. Under the "Account/User ID" dropdown box, include something like this: Enigmail lets you send and receive end-to-end encrypted messages with this e-mail account. Only this Enigmail profile will be able to read these encrypted messages. To protect these messages further, you can lock them with a password below. All encrypted messages will be unreadable without the password. Optionally, we could hide the entire password-setting UI inside a collapsible frame labeled "Set end-to-end password" The text about umlauts and character classes should be shown only when the user enters a password that has the properties that it is warning about. (e.g. maybe the field that currently shows "passphrase should contain at least 8 characters") * The circled red+white X that shows when one of the password fields is bad is weirdly stretched. Recommendation: fix the aspect ratio of the image :) * The "passphrase should contain at least 8 characters" warning appears only after the user's focus *leaves* the password field, which is confusing. Recommendation: that warning box should be dynamically updated as the user types. * "Revocation Certificate Creation" -- it's awesome that enigmail encourages good key management practices, for those people who want to explicitly mangae their keys, but it's really frustrating for a "standard" configuration to not be able to proceed until a revocation certificate is generated. Recommendation: make "Create a revocation certificate" an optional button available during an earlier phase of the dialog box (maybe next to the "Set end-to-end password" collapsible choice recommended above?). This would allow the user to choose a location for the revocation cert early in the process if they want it. Do not force the user to generate a revocation certificate (modern versions of GnuPG auto-generate a revocation certificate anyway). * When i click the "Create Revocation Certificate" button, i get a popup dialog box saying "The revocation certificate could not be created", with a "close" button. When i click "close", it takes me to a file chooser. Then i choose a file, and it shows me the same "revocation certificate could not be created" dialog box. I can cycle between these things indefinitely. When i finally tire of this, the only option left to me is to cancel the wizard. It prompts me with something like "are you sure you want to cancel the wizard?" with choices of "close" or "continue". I feel bad because i do want to continue, but i choose "close". Then, when i go back into the Setup Wizard via the Enigmail submenu, it just asks me to choose a key (my now-existent key is present, so i choose it), and then it tells me i'm done (without offering to create a revocation certificate). Recommendation: for those people who want to save a revocation certificate, make sure that the file save actually works. Looking in the debug log, i don't see any problem with revocation cert generation on the GnuPG side, and i don't see anything else in the enigmail logs after revocation to indicate why things are failing: 2018-03-07 19:07:52.001 [CONSOLE] enigmail> /usr/bin/gpg --charset utf-8 --display-charset utf-8 --no-auto-check-trustdb --no-tty --status-fd 1 --logger-fd 1 --command-fd 0 -a -o /home/tester/xx.asc --gen-revoke 0xF730CBF596C0AFB4 2018-03-07 19:07:52.033 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine: '[GNUPG:] KEY_CONSIDERED 32D8967BEF29B980029E5E29F730CBF596C0AFB4 0' 2018-03-07 19:07:52.033 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine: '[GNUPG:] GET_BOOL gen_revoke.okay' 2018-03-07 19:07:52.034 [DEBUG] keyEdit.jsm: GpgEditorInterface.writeLine: 'Y' 2018-03-07 19:07:52.036 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine: '[GNUPG:] GOT_IT' 2018-03-07 19:07:52.036 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine: '[GNUPG:] GET_LINE ask_revocation_reason.code' 2018-03-07 19:07:52.036 [DEBUG] keyEdit.jsm: GpgEditorInterface.writeLine: '1' 2018-03-07 19:07:52.038 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine: '[GNUPG:] GOT_IT' 2018-03-07 19:07:52.038 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine: '[GNUPG:] GET_LINE ask_revocation_reason.text' 2018-03-07 19:07:52.038 [DEBUG] keyEdit.jsm: GpgEditorInterface.writeLine: '' 2018-03-07 19:07:52.040 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine: '[GNUPG:] GOT_IT' 2018-03-07 19:07:52.040 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine: '[GNUPG:] GET_BOOL ask_revocation_reason.okay' 2018-03-07 19:07:52.041 [DEBUG] keyEdit.jsm: GpgEditorInterface.writeLine: 'Y' 2018-03-07 19:07:52.043 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine: '[GNUPG:] GOT_IT' 2018-03-07 19:07:52.119 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine: '[GNUPG:] PINENTRY_LAUNCHED 29499 gnome3:curses 1.1.0 - - localhost:10.0' 2018-03-07 19:07:52.123 [DEBUG] keyRing.jsm: updateKeys(0xF730CBF596C0AFB4) 2018-03-07 19:07:52.123 [DEBUG] keyRing.jsm: deleteKeysFromCache(0xF730CBF596C0AFB4) 2018-03-07 19:07:52.123 [DEBUG] keyRing.jsm: getKeyById: 0xF730CBF596C0AFB4 2018-03-07 19:07:52.123 [DEBUG] keyRing.jsm: loadKeyList( null) 2018-03-07 19:07:52.123 [DEBUG] keyRing.jsm: obtainKeyList 2018-03-07 19:07:52.124 execution.jsm: execStart: command = /usr/bin/gpg --charset utf-8 --display-charset utf-8 --no-auto-check-trustdb --batch --no-tty --status-fd 2 --with-fingerprint --fixed-list-mode --with-colons --list-keys, needPassphrase=false, domWindow=null, listener=[object Object] 2018-03-07 19:07:52.124 [CONSOLE] enigmail> /usr/bin/gpg --charset utf-8 --display-charset utf-8 --no-auto-check-trustdb --batch --no-tty --status-fd 2 --with-fingerprint --fixed-list-mode --with-colons --list-keys 2018-03-07 19:07:52.126 [DEBUG] enigmail> DONE 2018-03-07 19:07:52.146 [DEBUG] keyRing.jsm: loadKeyList: got pubkey lines: 7 2018-03-07 19:07:52.146 [DEBUG] keyRing.jsm: obtainKeyList 2018-03-07 19:07:52.146 execution.jsm: execStart: command = /usr/bin/gpg --charset utf-8 --display-charset utf-8 --no-auto-check-trustdb --batch --no-tty --status-fd 2 --with-fingerprint --fixed-list-mode --with-colons --list-secret-keys, needPassphrase=false, domWindow=null, listener=[object Object] 2018-03-07 19:07:52.147 [CONSOLE] enigmail> /usr/bin/gpg --charset utf-8 --display-charset utf-8 --no-auto-check-trustdb --batch --no-tty --status-fd 2 --with-fingerprint --fixed-list-mode --with-colons --list-secret-keys 2018-03-07 19:07:52.149 [DEBUG] enigmail> DONE 2018-03-07 19:07:52.161 [DEBUG] keyRing.jsm: loadKeyList: got seckey lines: 8 2018-03-07 19:07:52.161 [DEBUG] keyRing.jsm: createAndSortKeyList() 2018-03-07 19:07:52.170 [DEBUG] keyRing.jsm: getKeyById: F730CBF596C0AFB4 2018-03-07 19:07:52.171 [DEBUG] enigmailKeyManager.js: buildKeyList 2018-03-07 19:07:52.171 [DEBUG] keyEdit.jsm: GpgEditorInterface.onComplete: exitCode=2 2018-03-07 19:07:52.171 [DEBUG] keyEdit.jsm: GpgEditorInterface.onComplete: returning exitCode 2 2018-03-07 19:07:52.316 [DEBUG] enigmailCommon.jsm: dispatchEvent f=resizeDlg 2018-03-07 19:08:39.911 [DEBUG] enigmailMessengerOverlay.js: updateOptionsDisplay: * System charset: looking at the logs, i see the following: 2018-03-07 19:18:18.293 [DEBUG] system.jsm: determineSystemCharset: charset='iso-8859-1' This is just wrong. Everything about my operating system is configured with UTF-8, not iso-8859-1. I haven't read system.jsm to see how it determines this result, but it's 2018. Recommendation: enigmail should default to UTF-8 if there is any uncertainty about the system charset. I hope this is useful feedback! --dkg
signature.asc
Description: PGP signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net