Bob, this will work. I like Mark's idea of a gentle hint, but do NOT put a bar across the bottom with it because there is precious little space on my laptop.
I still do not know why we cannot have the security button back. It emphasizes security more, and no one should ignore it in these times. Also it cuts out 2 menu drill downs. Jim Rome Bob Lord wrote: > Jennifer Glick wrote: > >> In response to the original posting, Mail Security Spec >> <news://news.mozilla.org/3BE067D8.E521F3E9%40netscape.com>, some >> alternative ideas are posted here: >> http://www.mozilla.org/mailnews/specs/security/Options.html > > > Let me think out loud about Option 3 (with the Security icon in the > Taskbar) to shake out some assumptions. Please bear with me, and let me > know where my assumptions don't match yours. > > **The Security Icon** > > Display: > The security icon behaves as it did in Communicator. That means it > represents the *goal* of the user (regardless of the client's ability to > meet those goals). It has these states: > 1. Unlocked, meaning no encryption and no signature. This is > the factory default for the product. > 2. Unlocked with a luggage tag, meaning signed but not encrypted. > 3. Locked with no luggage tag, meaning encrypted but not signed. > 4. Locked with a luggage tag, meaning encrypted and signed. > > Mouseover: > For each of the above icon states, the client will display the following > tooltips: > 1. This message will not be signed or encrypted. Click to > change these settings. > 2. This message will be signed, but not encrypted. Click to > change these settings. > 3. This message will be encrypted, but not signed. Click to > change these settings. > 4. This message will be signed and encrypted. Click to > change these settings. > > Clicking: > When users click on the lock icon, they'll get a popup menu item with > these elements: > -Don't Encrypt this message > -Encrypt this message if possible > -Encrypt this message > --------------------------------- > -Sign this message > > If the user selects "Sign this message" and has not established a > signing cert from the prefs menu, he'll get a warning that says > something like "You are trying to sign this message, but you have not > selected a default signing certificate. [OK] [[Tell me more]]". The > client will not leave the user hanging, but will direct him in the hopes > that he can complete his intended task. > > If the user selects "Encrypt this message if possible", the client will > show the "UNlocked" icon even though his intent is to encrypt some of > the time. This configuration prevents users from thinking all their > email is secure when in fact most of it is not. > > > **Status Bar** > Display: > The Pen and Padlock icons are always present. In the base case (no > S/MIME), the pen is broken (or somehow shown to be not activated) and > the padlock is open. These icons represent the state of the message. > Highlights include: > - If the user has selected the "Sign this message" option from the > lock icon in the Taskbar and has correctly selected a signing cert > in the prefs window, the pen will be solid. > - If the user has selected "Encrypt this message" from the lock > icon in the Taskbar, and he has *all* the required certs, the > Status Bar lock icon will be in the "locked" state. Otherwise it > will remain in the "unlocked" state since the message cannot be > sent encrypted. Also, the Send button will be disabled until > all certs are present. > - If the user has selected "Encrypt this message if possible" from > the lock icon in the Taskbar, and he has *all* the required certs, > the Status Bar lock icon will be in the "locked" state. Otherwise it > will remain in the "unlocked" state since the message cannot be > sent encrypted. Since this is the "if possible" variation, the > Send button will never be deactivated. > > Mouseover: > When you mouseover the pen icon, you'll see one of these tooltips: > - This message will be sent unsigned. Click to get more information. > - This message will be signed by "Robert Lord's AOL > Intranet" certificate. Click to get more information. > > When you mouseover the lock icon, you'll see one of these tooltips: > - This message will be sent unencrypted. Click to get > more information. > - This message will be sent encrypted. Click to get more information. > > Clicking: > Clicking on the pen or padlock icons will open a (yet to be defined > window) that: > 1. Shows which cert you are using, if any, to sign this email. It > allows you to select a different cert than your default cert for this > message only. > 2. Shows which cipher and keylength, if any, will be used. > 3. Allows you to set any of the Sign or Encrypt settings available > in the Security button in the Taskbar. > 4. Can send to you help pages, perhaps including pages of Public CAs. > > > **Addressing fields** > Display: > When you elect to "Encrypt this message" or to "Encrypt this message if > possible", you'll see icons to the left (right?) of each email address > indicating either a "certificate icon", or a "missing certificate" icon. > > Non S/MIME users will so no such certificate icons. > > Mouseover: > When you mouseover the certificate icon, you'll see one of these two > tooltips: > - You have a certificate for this recipient on file. Click to > get more information. > - You do not have a certificate for this recipient on file. Click > to get more information. > > Clicking: > When you click on a certificate icon, you'll get a window that tells you > about the cert if it's available (probably by just opening the existing > Certificate Viewer window), or tells you that you still need to obtain > that cert. Perhaps that window can help you learn about the ways you > can get the recipient's cert. > > > > Pros: > -S/MIME is very discoverable > -Leverages S/MIME UI in Communicator, but is more task based. (No more > dead-ends!) > -Allows you to select certs on a per-message basis. > > > Cons: > 1. The client will tell the user how the message will be sent by setting > an icon in the taskbar rather than on the Send button. Users are more > likely to notice changes on or near the Send button. In fact, the > status of the encryption for this message couldn't be any further away > from the Send button (the are at opposite ends of the window). This > change probably impacts users who select the "Encrypt if possible" > default more than users who select "Encrypt". A user who might be > willing to go fetch one last recipient's cert might not see the unlocked > icon in the Status Bar and send the message unencrypted. That's not > such a terribly thing (that's why there's a pref), but it does seem that > the connecting the Send button with the encryption status would be helpful. > > 2. The lock icon does not really represent the notion of "Encrypt if > possible" very well. I personally will select "Encrypt if possible", as > will many corporate deployments. This area may need more thinking. > -- James A. Rome http://www.ornl.gov/~jar
