On Thu 2017-11-09 16:30:45 +0100, Werner Koch wrote: > On Mon, 6 Nov 2017 11:46, whi...@posteo.net said: > >> Why not display exactly what GnuPG reports concerning a signature? Leave >> it up to the user to make his own value judgments. > > That is what I was about to reply ;-). > > In fact we have spend weeks of work to come of with a useful > representation of signature stati. Not everything has been implemented > but eventually we will update our evaluation of the status as > represented by the GPGME_SIGSUM_ flags. > > See > > https://wiki.gnupg.org/EasyGpg2016/AutomatedEncryption > https://wiki.gnupg.org/EasyGpg2016/OutlookUi
There's a lot of text on both of these pages. I haven't read them all. But the first page does say: There should only be prominent information when reading a signed mail if: There is additional information that the sender really is the intended communication partner. (Level >= 2) In other words, we do not display that a message is unsigned, and we do not display that a message has a bad signature. These are treated equivalently. (See below.) This sounds roughly equivalent to what Patrick wrote to me. And not at all like what Whitey is suggesting. So i think i misunderstood your reply to this thread earlier -- i had read you as agreeing with Whitey when i read the thread offline and didn't have access to the wiki links above. Apologies for the confusion! --dkg
signature.asc
Description: PGP signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net