Hello again!
In response to all the comments...
I agree (unsurprisingly) with the point made by David Ross about user preferences. In fact, to cover all user preferences, I think there should be both:
3. Encrypt 'partially', where possible. (Encrypt to recipients with known certificates, others get message unencrypted)
4. Encrypt 'fully', where possible. (Encrypt to all recipients if certificates held, otherwise encrypt none and send).
And perhaps a check box with number 3:
X. Warn me if some recipients do not have certificates.
and number 4:
X. Warn me if outgoing email cannot be encrypted.
Obviously I'm just trying to give an idea here, not suggest exact wordings...
For me (personally) ALL private communication is sensitive. I do not want to have to think about hitting the Encrypt button every time I send an email to 'Friend A', when I know he has a certificate and therefore all communication can and should be encrypted (in my opinion). Currently I have to hit the button each time.
One could also envisage an option in the address book: 'Always encrypt email to this address'.
Ian G wrote:
LOL... What you mean is "use encryption if I have the cert." If you really meant "use encryption when possible" that would be something like:
4. Tbird would create a default cert at install time, and attach it to the bottom of every mail to someone new. If everyone did this, we'd have a web of keys within months... (Literally, we'd have just exchanged keys if #4 had been turned on!)
Well, I actually like that idea, but obviously it's not feasible because the certificate would be worthless if it wasn't verified to be linked to the email address of the user. (Or have I misunderstood the concept?!)
J. Wren Hunt wrote:
| On the other hand, why would you send something so sensitive that | it must be encrypted to someone you don't know? Can you trust an | unknown recipient to treat the contents of the message as | sensitive? |
Who says that encryption should imply "sensitive" messages only? I
routinely send my grocery list to my housemate on a regular basis. Is it
"sensitive"? Most likely not. But we both feel comfortable with
encryption and we'd just soon that no one (her employer included) be
able to see our exchange.
I agree with J. Wren Hunt. As I said, all private communication is sensitive communication for me. Regarding the letter/postcard analogy used earlier...
David Ross wrote:
Similarly, if I use postal mail, I either send a postcard with a given message to all addressees, or else all addressees receive a letter sealed in an envelope. I don't send the same messages to some on a postcard and to others sealed in an envelope.
...there's a mistake in the analogy, because you CAN'T send letters in envelopes to everyone at will. You are, by default, restricted to postcards. Just as in the current Mozilla security settings, you have 1) Only send postcards. Or 2) Only send letters (if you have enough envelopes, otherwise don't send anything!).
This is kind of an aside, but relevant to the argument: My reasoning is also that I don't agree with Governments reading emails at will, as they currently do (e.g. UK legislation: http://archives.cnn.com/2000/TECH/computing/07/28/uk.surveillance.idg/). The more encrypted information that flies around, the better IMHO.
David Ross wrote:
Ian G wrote [in part]:
(Sales of Certificate Authority certs would shoot from that small number up to about 10% I'd say of Tbird users. Most users would be happy with a default cert. Nothing wrong with that, they are the best thing available for the price, compared to nothing.)
That's why I use PGP: It's free, including the certs. But it does
require that you really know your recipient.
But again, this restricts the user, as you say. I use a Certificate Authority certificate which I recently discovered is available free from http://www.thawte.com/email/
Jay
PS I will submit this to Bugzilla and announce here... _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
