-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Thanks for the feedback.
Am 04.05.2014 14:41, Philip Jackson schrieb/wrote:
> On 04/05/2014 14:00, Nicolai Josuttis wrote:
>> Hi,
>
>> please look at the attached dialog. You can see a couple of new
>> feature that all should help users to set encryption options.
>
>> Without explanation: - Is it self explaining? - Any improveents?
>
>> I especiylla wonder about the text of the middle button 'Thorough
>> encryption' Alternative names are: Careful encryption Accurate
>> Encryption Elaborated Encryption (I don't want to have 'Safe
>> encryption' because that raises too many questions). What would
>> you prefer?
>
> I haven't seen the interface you mention BUT....
>
> I would avoid 'thorough', 'careful', 'accurate' : these three in
> English will imply that they are an alternative to 'careless' or
> 'shoddy'. Any and all encryption is expected to be thorough and
> careful and accurate, and 'safe'. Any exceptions that might be
> anticipated would be put down to human error or (in the case of
> 'safe') to the greater expertise of an adversary and not to a
> deliberate choice on the part of the sender.
>
>> Just as a explanation: - Convenient encryption would select: -
>> accept ALL keys (trust-model always) - auto send encrypted if I
>> have accepted keys - Confirm before sending: never - Thorough
>> encryption would select: - accept only valid keys (WoT model) -
>> never automatically send encrypted (except rules) - Confirm:
>> always
>
> I fear that it will be difficult to find a choice of 2 short labels
> for your 'convenient' and 'thorough' buttons which will be clear
> and not misleading.
It's not the goal to be perfect,
The goal is to let user choose easily a matching model.
So the general choice is:
- - I want to encrypt and prefer the convenient way
- - I want to encrypt and prefer the careful ways (non-convenient)
That's something people can understand (IMO).
Anything in more detail is simply frustrating for the average user,
who just wants to replace sending emails as postcards by sending them
as letters.
> Perhaps the 'convenient' could be labelled 'handy but with risks'
> and 'thorough' could be labelled 'thoughtful'.
>
I am feeling pretty strong about convenient (or may be handy)
currently, because that's exactly what it is.
And while I agree that careful sound as opposite to careless,
it is important to note that this button has a context:
The other button 'convenient'.
So consider both options in the face of the facts that
these two options are what you can choose from and not isolated.
> In any case, I fear that a complementary explanation will be
> required in the form of a 'help' button to explain to beginners the
> subtleties of the decision making process required to chose between
> the two options.
>
That's why there is a help button ... ;-)
The explanations are already there.
To quote what I programmed yet:
-
------------------------------------------------------------------------------
Enigmail Help
Defining Preferences to Send Ecrypted
In the Sending Preferences you can choose your model for encryption.
There are choices because in general two options are possible:
*Convenient Encryption*
With these settings, emails are encrypted whenever possible. This
is like sending emails as letters instead of postcards. Unlike
postcards letters usually hide their contents while in transit.
However as with letters, you can't be sure that nobody is opening the
letter while it is in transit, but some technical effort is necessary
for that.
Technically, the risk is that you accidentally use "faked keys"
you got from somewhere or somebody claiming that the key belongs to
the person you want to send emails to.
*Thorough (Careful/Accurate/Elaborated) Encryption*
With these settings, email are encrypted using only keys you can
trust (either signed by you or signed by people you trust). This
follows the default trust model of PGP, which accepts keys as "valid
for encryption" only, if you explicitly signed them or enough people
you trust signed them.
While this model eliminates some additional risks, it requires
that you actively sign keys and declare owner trust.
If you just want to switch from sending emails without
encryption to sending emails encrypted whenever possible,
convenient encryption is probably your choice.
If it is key for you that content you send encrypted
can't be read by other people or organizations,
choose thorough encryption.
- -------------------------------------------------------------------------
- --
Nicolai M. Josuttis
www.josuttis.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQIcBAEBCgAGBQJTZjpaAAoJEN75/ICKHETQL2YP/1cnr6CcNkG1diyhVKuaThw0
ZkAoJw8ZwM/HEVCTB3ZLBg9z36iqTx4jIzvgliDB/m1AF5C/ItrGrmiyFxfBuSU4
obN3mFap7jMYMic004Ve+KO8GW4U5Iqg30G2kXO0QisAFxsVc1jbsuXVgSSbiRfd
eFO8ln3SbzlkqFrjrbwnvA2ztIvnvr3LT09fAwXJAUA7MArFIuRCLQfdf4TISbB8
pCfKCduxklmCvxE5rlijXtoD6K9zun9MwYphaMcV1bDUeFrlr/qrkEGNfCxJQV8O
VZRZ1txTk1P5LkgfgbTu5W/JWwiuhW+EEqQekDiPQardj7WKRIJVyO5AmOo45KrH
Gyasml3xBxS4NQzQFktpXgm4oEVc3diTNIjjtxU2OTopIJyOYZTnIAtgYx9WsWF+
uLMCPzC35787n+q7nQvSR+LfE6MwsNAIfd5zptDpK/eLaUzj6EJp8oJw00Idp5nd
c1DMLUcUb4yAjJXzdw7mz/pYP0oq6ItVL/oRvtLgmnEv8Kdl2sCOa9trfwQOg38B
RchB3BWghR+S8qwPpZzwHfcqL5QZEqg6+9jSTz8EDytFUBhNw9jXYe30m5QYyCtp
trmjkKPrx7u9dwZjclBeOeSpYp8NxTK88SaIm5bbq1nHES417q1RSeLiM9p1xIaL
LETR08Estm2y/uUm9ior
=hulU
-----END PGP SIGNATURE-----
_______________________________________________
enigmail-users mailing list
enigmail-users@enigmail.net
https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
