-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Am 20.04.2014 21:38, Philip Jackson schrieb/wrote:
> Hi Nicolai,
>
> I've downloaded and installed the 1.7a1pre-test version.
> Patrick's link shouldn't just be clicked on though. Firefox
> downloaded it and tried to install and then rejected it as 'not
> being suitable for Firefox' and then presumably deleted it (because
> I couldn't find it in the downloads directory).
>
> However, one question : in the preferences/sending tab, how do
> your new options cohabit with the second check box item 'Always
> trust people's valid keys' ?
>
> Does that option cancel your 3 options for full, marginal, unknown
> trust levels?
>
No, it's the other way round:
Currently the options don't affect each other (which might be wrong).
That is:
- - I can select to auto send encrypted emails
to people for which the keys have unknown trust
although "always trust" is NOT selected.
- - I was thinking about some alternatives, though.
One is that if not "always trust all keys" is selected
I disable the last (two) options.
That would be a visual feedback for what you asked.
- - Another is that the auto-send-options only ask whether to send
encrypted if all keys are known and "trusted"
and what "trusted" means is derived from the
"always trust all keys" option".
In any case I am not sure whether the whole approach
I programmed is good/intuitive.
So allow me to explain some details of the current implementation:
- - Option "always trust all keys" is enabling or disabling the option
--trust-model always
This is documented in the GPG manual as:
> Skip key validation and assume that used keys are always fully
trusted.
> You generally won't use this unless you are using some external
validation scheme.
> This option also suppresses the "[uncertain]" tag printed with
signature checks when there is no evidence that the user ID is bound
to the key.
Sounds pretty dangerous (but is often selected).
- - My options affect whether and how the Key Validity and Owner Trust
columns of the key management are considered.
For example, if I need marginal trust,
both columns have at least to have that level.
(Note that validity/trust is sorted according to:
- disabled/revoked/expired
- explicit mistrust
- unknown trust
- marginal trust
- full/ultimate trust
)
"auto send encrypted" would never happen with keys being in the
first two groups. No option should change that IMO.
For the other three groups,
I have provided the three auto-send-enc-options.
However, now we have different trust models
(one by GPG and one by the key manager)
THis also can be confusing.
On the other hand,
dealing with what is defined in the key management dialog
can be more intuitive than dealing with the rules of
the web of trust.
Consider for a moment we would have no recipient rules
and people don't know the rules of the web of trust.
The simple approach for the novice either would be:
a) You can disable auto encrypt.
Then you have your general default about whether to encrypt
which you can change for each mail.
b) You can select to auto encrypt if all keys are known
(ignoring the trust level, but not mistrust or revoke/expired).
This is like selecting "always trust all keys"
(and as dangerous)
c) You can select to auto encrypt only if keys are known
AND you have declared some trust.
In my implementation you can either require
at least either marginal or full trust.
The current approach I implemented gives you this principle,
with the behavior that for b) and c) "always trust all keys"
doesn't matter.
If I give "always trust all keys" a semantics here,
the effect would be to let c) and b) behave the same
if "always trust all keys" is enabled.
May be that's more intuitive.
Especially if I disable the last two options
when "always trust all keys" is selected.
But is all might be too complicated ...
(for novices or experts or both?).
Hmmm, questions over questions ...
As I wrote: I am not sure.
Opinions please.
Nico
> ------------------------------------------------- Philip Jackson
> Tel : (+33) 468 49 80 53 GnuPG Public Key : 0x23543A63.asc
>
> On 20/04/2014 19:35, Nicolai Josuttis wrote:
>> The new model provides different options to auto send encrypted
>> based on the owner trust of the keys.
>
>> Options are roughly: - never auto encrypt (except by rules) -
>> always auto encrypt if all keys known (except keys with
>> mistrust) - auto encrypt if all keys known and having full owner
>> trust - auto encrypt if all keys known and having at least
>> marginal trust (yes, the current labels can be improved)
>
>
>
> _______________________________________________ enigmail-users
> mailing list enigmail-users@enigmail.net
> https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
>
>
>
- --
Nicolai M. Josuttis
www.josuttis.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCgAGBQJTVEZlAAoJEN75/ICKHETQGJIQAN4LUEnuNU5tpkaCxkbgYdaA
OyWbrZAdwdymhe2gtTHYGd4nnxxkDEUTqy3Z8IJ55rgsbZyv6dSynLvDzp/IyZ2J
FCavlg9STL8OJbmV4pZT6M8j32WNXt2FJO6LdyD11DDQWo6xZwsSmWozmsjdY/cy
ul+MXz1kiQgitY5ZfCSGZiMGnkc2VilfLBB9o6DytcqTcRQDIKU26A0g6G6m+Ci8
yQdGpftq56kQgMFsLoQo2oM0KhOgjrzQqBoyIQ//7YnN+e8YAWZwFTEJE760kYDb
RpD6wXHKgkgibd72Jm/hPRJQK31wDPZWovbalUiALpBSIfMbPsa5bssnDF5+CzG5
NK7NGC7CB9jCW4vBw6O7RMbNMbH1OaB296I5VPJ05vMOa9ObbFaVgU1TtYtvYa1y
KjVpghg1vqPgWsm5YwC6/jmrZMxadLsF3rDHNARLhv/Lw3Q9Dt6RYg4s0xFm887s
XNwgXIK/JL4PeCdBDPXdBC/BdQvAM3xfsSXG1QC5zonfjgiJ3VKiRmq2P52YSPrh
vxM5RENah3KwVG4p2y+RGTpgHYjmDQYExqtW0jMJhC0rXiI+SkoQm3chBG6Ec6kt
y9qD4AAS3+UKz3PwaJWVB+nD0W/qf1uXEHJpTVTgrpPVakA78zhN8NtPoxbSYUvy
6eNI5T/Dz5BhYlfLkS0E
=/IwI
-----END PGP SIGNATURE-----
_______________________________________________
enigmail-users mailing list
enigmail-users@enigmail.net
https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
