I would expect typical use of encryption to be on a per-message basis, rather than 'always' or 'if possible'. I doubt that turning the lock's shackle to closed is discoverable enough for it to be sufficient as the main means to encrypt a single message. I'm also not clear on how this button would behave if you didn't have the needed certs. Would the shackle return to open after you clicked it? Is the shackle even sufficient as an indicator? (I know I have trouble seeing it in the spec, less so in the current product) Finally, using it to set encryption would seem to preclude using it as an informational "show security info" as is now done in other content areas.
Did you consider adding a nice, big, fat toolbar button, or other obvious separate affordance for this instead of overloading the lock icon? Peter Jennifer Glick wrote: >Draft spec now posted here: >http://www.mozilla.org/mailnews/specs/security/ > >Please post comments to the mail-news and crypto newsgroups. >
