Hi all-- Today i have done several trial run-throughs, thunderbird 1:52.6.0-1+b1 + enigmail 2:2.0~beta2-1 on debian testing/unstable. I have a few observations and recommendations about the setup wizard.
I chose the "standard configuration (recommended for beginners)". all the recommendations below are only for people using the wizard in "standard mode". -------------------------------- * New key creation password requirement. Currently the wizard requires that the user enter a password of at least 8 characters. It's not clear that treating this as a hard requirement is a good idea. Having the "password strength" meter gives the user some sense of how good their password is. But perhaps we can let users make their own decisions about when their password is chosen. There are legitimate "opportunistic" e-mail encryption approachs that discourage the use of passwords entirely. Recommendation: remove the hard requirement of 8 chars minimum. * The "create key" part of the dialog box has scrollbars, which makes it pretty awkward to use:
Recommendation: resize the dialog box to not need the scrollbars
* The text in the "create key" dialog box is quite a lot. It's much
more than any beginner who chose a standard configuration will
probably read.
Recommendation: Remove all of the current text. Under the
"Account/User ID" dropdown box, include something like this:
Enigmail lets you send and receive end-to-end encrypted messages
with this e-mail account. Only this Enigmail profile will be
able to read these encrypted messages.
To protect these messages further, you can lock them with a
password below. All encrypted messages will be unreadable
without the password.
Optionally, we could hide the entire password-setting UI inside a
collapsible frame labeled "Set end-to-end password"
The text about umlauts and character classes should be shown only
when the user enters a password that has the properties that it is
warning about. (e.g. maybe the field that currently shows "passphrase
should contain at least 8 characters")
* The circled red+white X that shows when one of the password fields is
bad is weirdly stretched.
Recommendation: fix the aspect ratio of the image :)
* The "passphrase should contain at least 8 characters" warning appears
only after the user's focus *leaves* the password field, which is
confusing.
Recommendation: that warning box should be dynamically updated as the
user types.
* "Revocation Certificate Creation" -- it's awesome that enigmail
encourages good key management practices, for those people who want
to explicitly mangae their keys, but it's really frustrating for a
"standard" configuration to not be able to proceed until a revocation
certificate is generated.
Recommendation: make "Create a revocation certificate" an optional
button available during an earlier phase of the dialog box (maybe
next to the "Set end-to-end password" collapsible choice recommended
above?). This would allow the user to choose a location for the
revocation cert early in the process if they want it. Do not force
the user to generate a revocation certificate (modern versions of
GnuPG auto-generate a revocation certificate anyway).
* When i click the "Create Revocation Certificate" button, i get a
popup dialog box saying "The revocation certificate could not be
created", with a "close" button. When i click "close", it takes me
to a file chooser. Then i choose a file, and it shows me the same
"revocation certificate could not be created" dialog box. I can
cycle between these things indefinitely.
When i finally tire of this, the only option left to me is to cancel
the wizard. It prompts me with something like "are you sure you want
to cancel the wizard?" with choices of "close" or "continue". I feel
bad because i do want to continue, but i choose "close". Then, when
i go back into the Setup Wizard via the Enigmail submenu, it just
asks me to choose a key (my now-existent key is present, so i choose
it), and then it tells me i'm done (without offering to create a
revocation certificate).
Recommendation: for those people who want to save a revocation
certificate, make sure that the file save actually works. Looking in
the debug log, i don't see any problem with revocation cert
generation on the GnuPG side, and i don't see anything else in the
enigmail logs after revocation to indicate why things are failing:
2018-03-07 19:07:52.001 [CONSOLE] enigmail> /usr/bin/gpg --charset utf-8
--display-charset utf-8 --no-auto-check-trustdb --no-tty --status-fd 1
--logger-fd 1 --command-fd 0 -a -o /home/tester/xx.asc --gen-revoke
0xF730CBF596C0AFB4
2018-03-07 19:07:52.033 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine:
'[GNUPG:] KEY_CONSIDERED 32D8967BEF29B980029E5E29F730CBF596C0AFB4 0'
2018-03-07 19:07:52.033 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine:
'[GNUPG:] GET_BOOL gen_revoke.okay'
2018-03-07 19:07:52.034 [DEBUG] keyEdit.jsm: GpgEditorInterface.writeLine: 'Y'
2018-03-07 19:07:52.036 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine:
'[GNUPG:] GOT_IT'
2018-03-07 19:07:52.036 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine:
'[GNUPG:] GET_LINE ask_revocation_reason.code'
2018-03-07 19:07:52.036 [DEBUG] keyEdit.jsm: GpgEditorInterface.writeLine: '1'
2018-03-07 19:07:52.038 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine:
'[GNUPG:] GOT_IT'
2018-03-07 19:07:52.038 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine:
'[GNUPG:] GET_LINE ask_revocation_reason.text'
2018-03-07 19:07:52.038 [DEBUG] keyEdit.jsm: GpgEditorInterface.writeLine: ''
2018-03-07 19:07:52.040 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine:
'[GNUPG:] GOT_IT'
2018-03-07 19:07:52.040 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine:
'[GNUPG:] GET_BOOL ask_revocation_reason.okay'
2018-03-07 19:07:52.041 [DEBUG] keyEdit.jsm: GpgEditorInterface.writeLine: 'Y'
2018-03-07 19:07:52.043 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine:
'[GNUPG:] GOT_IT'
2018-03-07 19:07:52.119 [DEBUG] keyEdit.jsm: GpgEditorInterface.processLine:
'[GNUPG:] PINENTRY_LAUNCHED 29499 gnome3:curses 1.1.0 - - localhost:10.0'
2018-03-07 19:07:52.123 [DEBUG] keyRing.jsm: updateKeys(0xF730CBF596C0AFB4)
2018-03-07 19:07:52.123 [DEBUG] keyRing.jsm:
deleteKeysFromCache(0xF730CBF596C0AFB4)
2018-03-07 19:07:52.123 [DEBUG] keyRing.jsm: getKeyById: 0xF730CBF596C0AFB4
2018-03-07 19:07:52.123 [DEBUG] keyRing.jsm: loadKeyList( null)
2018-03-07 19:07:52.123 [DEBUG] keyRing.jsm: obtainKeyList
2018-03-07 19:07:52.124 execution.jsm: execStart: command = /usr/bin/gpg
--charset utf-8 --display-charset utf-8 --no-auto-check-trustdb --batch
--no-tty --status-fd 2 --with-fingerprint --fixed-list-mode --with-colons
--list-keys, needPassphrase=false, domWindow=null, listener=[object Object]
2018-03-07 19:07:52.124 [CONSOLE] enigmail> /usr/bin/gpg --charset utf-8
--display-charset utf-8 --no-auto-check-trustdb --batch --no-tty --status-fd 2
--with-fingerprint --fixed-list-mode --with-colons --list-keys
2018-03-07 19:07:52.126 [DEBUG] enigmail> DONE
2018-03-07 19:07:52.146 [DEBUG] keyRing.jsm: loadKeyList: got pubkey lines: 7
2018-03-07 19:07:52.146 [DEBUG] keyRing.jsm: obtainKeyList
2018-03-07 19:07:52.146 execution.jsm: execStart: command = /usr/bin/gpg
--charset utf-8 --display-charset utf-8 --no-auto-check-trustdb --batch
--no-tty --status-fd 2 --with-fingerprint --fixed-list-mode --with-colons
--list-secret-keys, needPassphrase=false, domWindow=null, listener=[object
Object]
2018-03-07 19:07:52.147 [CONSOLE] enigmail> /usr/bin/gpg --charset utf-8
--display-charset utf-8 --no-auto-check-trustdb --batch --no-tty --status-fd 2
--with-fingerprint --fixed-list-mode --with-colons --list-secret-keys
2018-03-07 19:07:52.149 [DEBUG] enigmail> DONE
2018-03-07 19:07:52.161 [DEBUG] keyRing.jsm: loadKeyList: got seckey lines: 8
2018-03-07 19:07:52.161 [DEBUG] keyRing.jsm: createAndSortKeyList()
2018-03-07 19:07:52.170 [DEBUG] keyRing.jsm: getKeyById: F730CBF596C0AFB4
2018-03-07 19:07:52.171 [DEBUG] enigmailKeyManager.js: buildKeyList
2018-03-07 19:07:52.171 [DEBUG] keyEdit.jsm: GpgEditorInterface.onComplete:
exitCode=2
2018-03-07 19:07:52.171 [DEBUG] keyEdit.jsm: GpgEditorInterface.onComplete:
returning exitCode 2
2018-03-07 19:07:52.316 [DEBUG] enigmailCommon.jsm: dispatchEvent f=resizeDlg
2018-03-07 19:08:39.911 [DEBUG] enigmailMessengerOverlay.js:
updateOptionsDisplay:
* System charset:
looking at the logs, i see the following:
2018-03-07 19:18:18.293 [DEBUG] system.jsm: determineSystemCharset:
charset='iso-8859-1'
This is just wrong. Everything about my operating system is
configured with UTF-8, not iso-8859-1. I haven't read system.jsm to
see how it determines this result, but it's 2018.
Recommendation: enigmail should default to UTF-8 if there is any
uncertainty about the system charset.
I hope this is useful feedback!
--dkg
signature.asc
Description: PGP signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
