Michael Ströder wrote:

>IMHO the Wizard and the Account Manager are not the right place.
>X.509 certificates expire (usually after a year). The enrollment
>process has to be accessible without messing around with your
>account data.
>
Account data is not set in stone either. Quite a lot of people (not just 
geeks) change their email address more than once a year.

But certs directly depend on some account data (name and email address). 
In the user's mind, he gets a cert for his email address. That's why the 
cert management should be accessible where his email address is managed.

>>Ideally, the default in the Account Wizard would be to generate a new
>>self-signed key.
>>
>Hmm, not sure about that.
>
What else?

    * This whole sub-thread started with my statement that the CA-signed
      cert "enrollment" process is too complicated for mass-use (at least
      in its current form).
    * Import can hardly be the default.
    * Should we default to no crypto?

>Ben, did you ever work with S/MIME mails in Communicator?
>
Yes, but not much. Didn't have much chance to.

>You can't do much more in the UI in this case.
>
Right, that was my point. It's a weakness in the approach.

>1. The dialogue does not have to be answered immediately.
>
You can't answer it a day later. That's what I meant by "immediately".
