-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Thanks for the feedback.
Am 04.05.2014 14:41, Philip Jackson schrieb/wrote: > On 04/05/2014 14:00, Nicolai Josuttis wrote: >> Hi, > >> please look at the attached dialog. You can see a couple of new >> feature that all should help users to set encryption options. > >> Without explanation: - Is it self explaining? - Any improveents? > >> I especiylla wonder about the text of the middle button 'Thorough >> encryption' Alternative names are: Careful encryption Accurate >> Encryption Elaborated Encryption (I don't want to have 'Safe >> encryption' because that raises too many questions). What would >> you prefer? > > I haven't seen the interface you mention BUT.... > > I would avoid 'thorough', 'careful', 'accurate' : these three in > English will imply that they are an alternative to 'careless' or > 'shoddy'. Any and all encryption is expected to be thorough and > careful and accurate, and 'safe'. Any exceptions that might be > anticipated would be put down to human error or (in the case of > 'safe') to the greater expertise of an adversary and not to a > deliberate choice on the part of the sender. > >> Just as a explanation: - Convenient encryption would select: - >> accept ALL keys (trust-model always) - auto send encrypted if I >> have accepted keys - Confirm before sending: never - Thorough >> encryption would select: - accept only valid keys (WoT model) - >> never automatically send encrypted (except rules) - Confirm: >> always > > I fear that it will be difficult to find a choice of 2 short labels > for your 'convenient' and 'thorough' buttons which will be clear > and not misleading. It's not the goal to be perfect, The goal is to let user choose easily a matching model. So the general choice is: - - I want to encrypt and prefer the convenient way - - I want to encrypt and prefer the careful ways (non-convenient) That's something people can understand (IMO). Anything in more detail is simply frustrating for the average user, who just wants to replace sending emails as postcards by sending them as letters. > Perhaps the 'convenient' could be labelled 'handy but with risks' > and 'thorough' could be labelled 'thoughtful'. > I am feeling pretty strong about convenient (or may be handy) currently, because that's exactly what it is. And while I agree that careful sound as opposite to careless, it is important to note that this button has a context: The other button 'convenient'. So consider both options in the face of the facts that these two options are what you can choose from and not isolated. > In any case, I fear that a complementary explanation will be > required in the form of a 'help' button to explain to beginners the > subtleties of the decision making process required to chose between > the two options. > That's why there is a help button ... ;-) The explanations are already there. To quote what I programmed yet: - ------------------------------------------------------------------------------ Enigmail Help Defining Preferences to Send Ecrypted In the Sending Preferences you can choose your model for encryption. There are choices because in general two options are possible: *Convenient Encryption* With these settings, emails are encrypted whenever possible. This is like sending emails as letters instead of postcards. Unlike postcards letters usually hide their contents while in transit. However as with letters, you can't be sure that nobody is opening the letter while it is in transit, but some technical effort is necessary for that. Technically, the risk is that you accidentally use "faked keys" you got from somewhere or somebody claiming that the key belongs to the person you want to send emails to. *Thorough (Careful/Accurate/Elaborated) Encryption* With these settings, email are encrypted using only keys you can trust (either signed by you or signed by people you trust). This follows the default trust model of PGP, which accepts keys as "valid for encryption" only, if you explicitly signed them or enough people you trust signed them. While this model eliminates some additional risks, it requires that you actively sign keys and declare owner trust. If you just want to switch from sending emails without encryption to sending emails encrypted whenever possible, convenient encryption is probably your choice. If it is key for you that content you send encrypted can't be read by other people or organizations, choose thorough encryption. - ------------------------------------------------------------------------- - -- Nicolai M. Josuttis www.josuttis.de -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBCgAGBQJTZjpaAAoJEN75/ICKHETQL2YP/1cnr6CcNkG1diyhVKuaThw0 ZkAoJw8ZwM/HEVCTB3ZLBg9z36iqTx4jIzvgliDB/m1AF5C/ItrGrmiyFxfBuSU4 obN3mFap7jMYMic004Ve+KO8GW4U5Iqg30G2kXO0QisAFxsVc1jbsuXVgSSbiRfd eFO8ln3SbzlkqFrjrbwnvA2ztIvnvr3LT09fAwXJAUA7MArFIuRCLQfdf4TISbB8 pCfKCduxklmCvxE5rlijXtoD6K9zun9MwYphaMcV1bDUeFrlr/qrkEGNfCxJQV8O VZRZ1txTk1P5LkgfgbTu5W/JWwiuhW+EEqQekDiPQardj7WKRIJVyO5AmOo45KrH Gyasml3xBxS4NQzQFktpXgm4oEVc3diTNIjjtxU2OTopIJyOYZTnIAtgYx9WsWF+ uLMCPzC35787n+q7nQvSR+LfE6MwsNAIfd5zptDpK/eLaUzj6EJp8oJw00Idp5nd c1DMLUcUb4yAjJXzdw7mz/pYP0oq6ItVL/oRvtLgmnEv8Kdl2sCOa9trfwQOg38B RchB3BWghR+S8qwPpZzwHfcqL5QZEqg6+9jSTz8EDytFUBhNw9jXYe30m5QYyCtp trmjkKPrx7u9dwZjclBeOeSpYp8NxTK88SaIm5bbq1nHES417q1RSeLiM9p1xIaL LETR08Estm2y/uUm9ior =hulU -----END PGP SIGNATURE----- _______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net