Brendan Taylor wrote:
> My suggestion: If you're in an encrypted chat but you haven't verified
> the identity, overlay a big red question mark on the encryption lock
> icon in the ChatControl and put a tooltip on it explaining the problem.
> Clicking on the question mark pops up a verification dialog (specific to
> whatever end-to-end---- encryption protocol you're using).
> Good idea? Does it make the potential problem obvious enough to the user?
> Is there a better symbol/place to put the symbol/place to put the button
> for the dialog?
I like the idea: not too intrusive for ppl who don't really care, and
clear enough with the question mark that it's not really secured.
> How does the OpenPGP code handle an unknown key?
In gajim we now don't really care, it's handled by GnuPG itself: if key
is not signed, GnuPG refuses to encrypt, and an error message is shown
in chat conversation textview.
Gajim-devel mailing list