On 27-02-2015 16:57, Mark H. Wood wrote: > It's always good to look for patterns that lead to useful > simplification. But there comes a point at which no further > simplfication can be done without making the system less useful.
Well, in making it more beginner friendly, I imagine a system that does not bother the user with complexities about whan to sign someone's key to which degree, but after install: 1. The beginner friendly installer notices there is no secret key yet -> create one automatically and upload it to the keyservers. To make the experience as easy as possible perhaps even offer to use no password on the key so it does not need to ask for a password when opening mail (with a warning that this could give problems if losing or confiscating the computer is part of the threat model). 2. It notices 2 email programs -> offer to integrate a plugin in both and set the defaults to sign and encrypt when the receiver has a public key on the servers. I agree that for webmail solutions this might be difficult but plugins for browser automation do exist (usually aimed at unit testing of websites). This approach might lead to issues, like targeted attacks with false keys and stolen computers, but it would get the number of encrypted emails up. At least the mails would be safer in transit and at the mail provider. -- ir. J.C.A. Wevers PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users