Heya,

Damn, I'm impressed...
Good to see you're still 'out there.' : )

Cheers,

Mark Shuttleworth wrote:
> It's great to see S/MIME going into Mozilla. Finally I'll be able to use
> Mozilla for both mail and web!
>
> It would be nice for "virality" if users who receive signed email got a
> gentle introduction to email security. The way the receiving mail client
> handles an incoming signed email has a VERY big impact on the response
> of the user. We want the response to be "Great! How do *I* start to sign
> my email too?".
>
> We want people who use Mozilla/NS and who receive a signed email to (a)
> understand some fairly complex ideas, (b) want to embrace that for
> themselves, (c) have a fairly good clue how to do that. That's going to
> require more than a padlock!
>
> I send signed email most of the time, and have experienced all the usual
> reactions... from "I can't open that attachment (smime.p7s)" to "Outlook
> told me not to read your email". The way a person's email client
> displays the security-related information when he receives a signed
> email has a LOT to do with how that person feels about the technology.
>
> Now, unfortunately, because these ideas ARE complex, there's simply no
> way to convey all this information using a lock, or a pen, no matter how
> well drawn or well placed they are. That's fine for users comfortable
> with the technology, but not for new users. We need a way to convey much
> more information for new users, and then to shift to a cleaner or more
> subtle (but hence less screen real-estate intensive) view for more
> experienced users.
>
> I sort of like the Outlook way. <duck>. I did say "sort of". The first
> time you receive a signed or encrypted email, the message doesn't
> display in the message pane. What shows is a page explaining some S/MIME
> security concepts, and a button which the user can click to view the
> actual message. There's a checkbox to turn off this feature once the
> user understands WTF is going on. Unfortunately, many people get a big
> fright when they see the security message but not the email, and never
> actually click on the button. They pick up the phone and accuse the
> sender of messing with their computer security. Seriously.
>
> Here are some UI ideas that I hope the team will consider:
>
> (1) A "Security Info Pane" in the Message Contents window
>
> The problem with the Outlook experience is that the message is
> completely obscured by the security information. Users take fright at
> the security info and never see the message. But perhaps, instead of
> taking up the entire message contents pane with the security message, a
> slice of the pane could be taken up with some explanatory text, BIG
> icons, and a mechanism to prevent the pane from showing for
> smarter/sophisticated users. So when I receive signed / encrypted email,
> I see the contents of the message AND a substantial explanation of this
> new experience, with links that invite me to find out more about this.
> The "security info pane" can be turned off simply by checking a checkbox
> on it. The info pane could be quite large, because it is only there for
> new users and will be turned off as soon as they get the hint.
>
> This gives the "nice introduction with lots of information" but also
> allows for "minimalist use of screen real estate for sophisticated users".
>
> I have tried to attach a mockup (apologies to dialup users) which shows
> the message security pane. I think it could be even bigger, conveying
> lots of information, because the idea is to draw the new user into the
> security paradigm to get them to embrace it. ESPECIALLY if we get
> no-cost bootstrap capability (like PGP or free S/MIME certs) and because
> it can be easily and obviously turned off.
>
> The important thing is that the security info pane AND the message
> contents be visible to the user.
>
> Things that could be on the security info pane:
>
>   - the fact that the message was signed / encrypted /
>     signed and encrypted
>   - big glossy versions of the normal icons (padlock etc)
>     that appear elsewhere in the UI to "introduce and
>     explain" them. The smart user will make the connection
>     between these big icons, the security info pane, and the
>     small icons that are always visible after the security
>     info pane has been turned off
>   - links to more information about message security,
>     certificates, CA's, best practices, corporate deployment,
>     PGP vs S/MIME (once PGP is in too ;-) etc.
>   - a link to the user's security preferences in the
>     preferences UI
>   - the contents of the certificate used to sign the message
>     (or a summary/abstract of those contents)
>   - nice polished background image denoting security / safety
>   - "X" to close the pane and not show it again ( or perhaps
>     a checkbox for "Always show this pane")
>
> Hmm... now that I think about it, why not do the same in the browser
> window when viewing an SSL-encrypted page? As long as the pane can be
> turned off easily? Most new users miss the darn padlock and don't learn
> to look for it... or understand it.
>
> (2) Sign/encrypt button on message composer toolbar
>
> For discoverability, these should be right there whenever a message is
> composed. I agree with Bob that Communicator does an excellent job of
> hiding this functionality. Mozilla should shout it from the rooftops ;-)
> When a user who does not have a cert tries to sign mail, they can be
> shown another nice, gentle introduction to message security, including
> where to go to get started themselves... point them at places that give
> free certs so there are no obstacles to widespread adoption.
>
> (3) Text Clues
>
> Instead of a pen, perhaps a "Signed" stamp could be used? Or the words
> "Digitally Signed" and "Digitally Encrypted" could be put alongside the
> icons? I think it is very, very hard to convey the concept of digital
> signature to the user using a single icon... I don't think the pen alone
> is symbolic enough... perhaps something that suggests "registered mail"
> or "certified mail" or "tamperproof mail" would be better... but I'm no
> graphic designer.
>
> Cheers!
>
> PS - I don't own a stake in any CA any longer ;-)
>
> ------------------------------------------------------------------------
> [Image]

-- Jason Barr
