On Thu 2017-11-09 16:30:45 +0100, Werner Koch wrote: > On Mon, 6 Nov 2017 11:46, whi...@posteo.net said: > >> Why not display exactly what GnuPG reports concerning a signature? Leave >> it up to the user to make his own value judgments. > > That is what I was about to reply ;-). > > In fact we have spend weeks of work to come of with a useful > representation of signature stati. Not everything has been implemented > but eventually we will update our evaluation of the status as > represented by the GPGME_SIGSUM_ flags. > > See > > https://wiki.gnupg.org/EasyGpg2016/AutomatedEncryption > https://wiki.gnupg.org/EasyGpg2016/OutlookUi
There's a lot of text on both of these pages. I haven't read them all.
But the first page does say:
There should only be prominent information when reading a signed mail if:
There is additional information that the sender really is the
intended communication partner. (Level >= 2)
In other words, we do not display that a message is unsigned, and we
do not display that a message has a bad signature. These are treated
equivalently. (See below.)
This sounds roughly equivalent to what Patrick wrote to me. And not at
all like what Whitey is suggesting. So i think i misunderstood your
reply to this thread earlier -- i had read you as agreeing with Whitey
when i read the thread offline and didn't have access to the wiki links
above.
Apologies for the confusion!
--dkg
signature.asc
Description: PGP signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
