On 20.04.2014 21:38, Philip Jackson wrote:
> Hi Nicolai,
>
> I've downloaded and installed the 1.7a1pre-test version.
> Patrick's link shouldn't just be clicked on though. Firefox
> downloaded it and tried to install and then rejected it as 'not
> being suitable for Firefox' and then presumably deleted it (because
> I couldn't find it in the downloads directory).
>
> However, one question : in the preferences/sending tab, how do
> your new options cohabit with the second check box item 'Always
> trust people's valid keys' ?
>
> Does that option cancel your 3 options for full, marginal, unknown
> trust levels?
>

No, it's the other way round:
Currently the options don't affect each other (which might be wrong).
That is:
- I can select to auto send encrypted emails to people for which the
  keys have unknown trust although "always trust" is NOT selected.
- I was thinking about some alternatives, though.
  One is that if "always trust all keys" is not selected I disable
  the last (two) options.
  That would be a visual feedback for what you asked.
- Another is that the auto-send-options only ask whether to send
  encrypted if all keys are known and "trusted", and what "trusted"
  means is derived from the "always trust all keys" option.

In any case I am not sure whether the whole approach I programmed
is good/intuitive.

So allow me to explain some details of the current implementation:

- Option "always trust all keys" is enabling or disabling the option
    --trust-model always
  This is documented in the GPG manual as:
  > Skip key validation and assume that used keys are always fully trusted.
  > You generally won't use this unless you are using some external validation scheme.
  > This option also suppresses the "[uncertain]" tag printed with signature checks when there is no evidence that the user ID is bound to the key.
  Sounds pretty dangerous (but is often selected).
- My options affect whether and how the Key Validity and Owner Trust
  columns of the key management are considered.
  For example, if I need marginal trust, both columns have to have
  at least that level.
  (Note that validity/trust is sorted according to:
   - disabled/revoked/expired
   - explicit mistrust
   - unknown trust
   - marginal trust
   - full/ultimate trust
  )
  "auto send encrypted" would never happen with keys being in the
  first two groups. No option should change that IMO.
  For the other three groups, I have provided the three
  auto-send-enc-options.

However, now we have different trust models (one by GPG and one by
the key manager). This also can be confusing.
On the other hand, dealing with what is defined in the key management
dialog can be more intuitive than dealing with the rules of the web
of trust.

Consider for a moment we would have no recipient rules and people
don't know the rules of the web of trust.
The simple approach for the novice either would be:
a) You can disable auto encrypt.
   Then you have your general default about whether to encrypt,
   which you can change for each mail.
b) You can select to auto encrypt if all keys are known
   (ignoring the trust level, but not mistrust or revoke/expired).
   This is like selecting "always trust all keys" (and as dangerous).
c) You can select to auto encrypt only if keys are known AND
   you have declared some trust.
   In my implementation you can either require at least
   either marginal or full trust.

The current approach I implemented gives you this principle,
with the behavior that for b) and c) "always trust all keys" doesn't
matter.

If I give "always trust all keys" a semantics here, the effect would
be to let c) and b) behave the same if "always trust all keys" is
enabled.
Maybe that's more intuitive. Especially if I disable the last two
options when "always trust all keys" is selected.
But it all might be too complicated ...
(for novices or experts or both?).

Hmmm, questions over questions ...

As I wrote: I am not sure.
Opinions please.
 Nico

> -------------------------------------------------
> Philip Jackson
> Tel : (+33) 468 49 80 53   GnuPG Public Key : 0x23543A63.asc
>
> On 20/04/2014 19:35, Nicolai Josuttis wrote:
>> The new model provides different options to auto send encrypted
>> based on the owner trust of the keys.
>
>> Options are roughly:
>> - never auto encrypt (except by rules)
>> - always auto encrypt if all keys known (except keys with mistrust)
>> - auto encrypt if all keys known and having full owner trust
>> - auto encrypt if all keys known and having at least marginal trust
>> (yes, the current labels can be improved)
>
> _______________________________________________
> enigmail-users mailing list
> enigmail-users@enigmail.net
> https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net

-- 
Nicolai M. Josuttis
www.josuttis.de
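
The decision rule described in the message above, as an added example that is not part of the original e-mail and is not Enigmail code. The function names, the option names (never/known/marginal/full) and the sample listing are assumptions; the letter codes are those of GnuPG's `--with-colons` key listing.

```javascript
// Added example, not Enigmail code; function and option names are hypothetical.
// Letter codes are those of `gpg --with-colons` (field 2 validity, field 9 owner trust).
const GROUP = new Map([
  ["d", 0], ["r", 0], ["e", 0], ["i", 0], // disabled/revoked/expired ("i" invalid: assumption)
  ["n", 1],                               // explicit mistrust
  ["-", 2], ["q", 2], ["o", 2], ["", 2],  // unknown trust
  ["m", 3], ["f", 4], ["u", 4],           // marginal trust; full/ultimate trust
]);
const MIN_GROUP = { never: Infinity, known: 2, marginal: 3, full: 4 };
// Unrecognised codes fail closed into the lowest group (assumption).
const group = (code) => (GROUP.has(code) ? GROUP.get(code) : 0);

// Map each address in a colon listing to its key's validity and owner trust.
function parseKeys(listing) {
  const keys = new Map();
  let current = null;
  for (const line of listing.split("\n")) {
    const f = line.split(":");
    if (f[0] === "pub") current = { validity: f[1], ownerTrust: f[8] };
    const addr = f[0] === "uid" && current && /<([^>]+)>/.exec(f[9] || "");
    if (addr) keys.set(addr[1].toLowerCase(), current);
  }
  return keys;
}

// alwaysTrustCollapses models the alternative raised in the message: with
// "always trust all keys" on, the marginal/full options behave like "known".
function autoSendEncrypted(option, recipients, keys, alwaysTrustCollapses = false) {
  const opt = alwaysTrustCollapses && option !== "never" ? "known" : option;
  const need = MIN_GROUP[opt];
  return recipients.length > 0 && recipients.every((addr) => {
    const key = keys.get(addr.toLowerCase());
    if (!key) return false; // a recipient without a key: not "all keys known"
    // Both columns must reach the level; the first two groups never qualify.
    const level = Math.min(group(key.validity), group(key.ownerTrust));
    return level >= 2 && level >= need;
  });
}

// Constructed sample listing (not real keys).
const SAMPLE = `pub:f:2048:1:00000000000000A1:1388534400:::f:::scESC:
uid:f::::::::Alice <alice@example.org>:
pub:m:2048:1:00000000000000A2:1388534400:::f:::scESC:
uid:m::::::::Bob <bob@example.org>:
pub:-:2048:1:00000000000000A3:1388534400:::-:::scESC:
uid:-::::::::Carol <carol@example.org>:
pub:r:2048:1:00000000000000A4:1388534400:::n:::sc:
uid:r::::::::Dave <dave@example.org>:`;
const KEYS = parseKeys(SAMPLE);
```

With the flag left off, the "full" option refuses a mail to Alice and Carol (Carol's key has unknown trust); with it on, the same mail is auto-encrypted, which is the b)/c) collapse the message weighs.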