-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is a serious usability issue. For me as well as for at least one other person that I communicated with, the error message pops up every time Thunderbird tries to autosave, which by default is every five minutes (unless we set the "owner trust" to "ultimate"). In Thunderbird, automatic saving of drafts is enabled by default, as far as I know (default of "mail.compose.autosave" is true).
For the record: I have configured Thunderbird to routinely send a BCC to myself. Maybe that is playing a role here, but I don't think so. I expect Enigmail to be usable by "mom and pop". Even the improved error message does not help "mom and pop" enough to understand and solve the problem. According to a previos list mail, the 1.8.2 message reads: "'x@y.z' cannot be matched to a valid, not expired OpenPGP key. Please ensure that you have a valid OpenPGP key." What exactly does "valid" mean here? In the key management dialogue, or rather, in the key properties dialogue, what do "valid" and "invalid" keys look like? If the key is not "valid", how do "mom and pop" make it so? Can we design the UI in such a way that they can correctly solve this kind of problem on their own? Am 15.04.2015 um 21:04 schrieb Patrick Brunschwig: > You have to check in the key manager if the key you specified in > the accout settings for Enigmail is valid, fully trusted and not > expired. The message did not mention trust, yet you do. The only way known to me to satisfy Enigmail/GPG is to set the "owner trust" ("How much do you trust the owner of the key to sign other keys properly?") for my own key to "ultimate" (German: "absolut"). (Are there other ways?) If I do this, the value of "Key Validity" (German: "Schlüsselgültigkeit") changes from "unknown" (German: "unbekannt") to "valid" (German: "absolut"). Setting any other "owner trust" value sets the validity to "unknown" (German: "unbekannt"). This coupling of values is surprising to me. Why should the trust I extend to a key signer affect the validity of their key? Note in particular that the description of "owner trust" as a "signing trust" cited above does not talk about the validity of the key itself or about any trust in the key itself. If particular "signing trust" values imply assumptions about the key itself, that should be made obvious, at least with a link to a thorough explanation. Someone who does not want to use the "web of trust" concept, or does not even know about it, should not have to worry about "trust in key signers" at all. I assume that the concept is not technically required to make the encryption and signing work securely. Can someone confirm this? As far as I remember, setting trust for my own key was not necessary before Enigmail 1.8. Can anyone confirm this? I may very well be wrong, but a friend of mine had the same issue, as far as I know. If setting the "key signing trust" is indeed necessary, the error message should state this and hint on how to solve this, or even offer to fix the issue. - - Regards, Rainer PS: Further, I do not understand why I have to *set* validity of and trust in my own key. I do trust my key, from its creation, and this should be the default. This is possibly not an Enigmail issue. The lack of validity and trust may be due to the way I used to import my key, which I do not remember exactly. PPS: In my view, usability is the biggest deterrent in widespread use of encryption (see "Why Johnny can't encrypt"). One person to whom I suggested to use OpenPGP and to whom I offered help to set it up replied that he might as well drill holes in his fingernails to lower his quality of life. Not a nice reaction to my offer, but he has a point. :-) -----BEGIN PGP SIGNATURE----- iQIcBAEBAgAGBQJVMLiMAAoJEI/iM7d3pEsvYNwP/1CIys2VRSs6Ku23wwPCpvbY RbxYfoPdnkXXAEiawG2hX6z7ShDZy2cHzuZ+EeeUsXIJwFaKNp+CY9//aAjK4+P7 a8wOV7Pw1CGODLBUYXhLGiFqpp9yJbA+PR0Us0DeLYMh1ZH5rQxJ7GJkPhT8dPt/ JGd5s00ekX6pJruE36anPdAGE+lJTU9f+3DvukvgRW8q2+aPlF4Z3ZtkRieo7ewe /JjxNoAVK2tHPxiS52RdFkLMEYQMqdgxKO0YaHl1kbCpkl71EtCHnLCQYLpkypMB L7z/iU1gU8MMSq/YBP7lEmbI+l4Lo+AdZnIWzWSHVJUvY73OuyvEuxUMQkTDOrl7 1zHK8nKIVD4jss/+E07gPzI6z/exbFtAwGOliogJZPvS8VcbBVVF6+7a6e3M7fjh p6E8rzatFkPGWDreu1XiTGJRrY6OvMNd9xrFABwUxRImw1+3qBiqmkA9+ZtBqqbY XWtf5fkt+eFKews/GYaWTA6GVaq4q4Kpb3MKNRYdJW1Sn9qcanBcW6XGEmxCeWyN jS2H4nGuz8Shb6C6PnZ2JArMAig8ZZatyB6A4O2SBYUHF1XHOWJ8JmtE8T2+Pjph 1JsEsw6MMNstLFcOXjZjuxJKtbouRIZyjKWFCrmOouaK6wYCaYYpdyqawRUHDHHL x25xy2wg98zzKi+fCU+H =H/h7 -----END PGP SIGNATURE----- _______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net