> But user-facing software shouldn't be exposing unverified IDs *at all*. > Enigmail now sort-of does this...
As the guy who was largely pushing that on Enigmail ... although I strongly sympathize, there's a rock here and a hard place there. UX is not driven by the users we *might* have: it's driven by the users we *do* have. The users we do have *do not want to switch*. I think that after investing so much in learning the current system, users tend to develop powerful opinions the UX should just be left alone please don't fix a thing. Imagine you have this certificate: + Kate 0xDECAFBAD +-- Kathryn Carver 0xDECAFBAD (That is to say, a primary userID of Kate, and one other UIDs using her full name.) Now throw that into a whole bunch of other certificates and render them in a GUI toolkit. All rows are collapsed by default. Now ask a user to find the certificate associated with Kathryn Carver. 90% of users will click on the "Name" column header to sort by name, will survey the Ks, and then say "she's not in the system." (And yes, I found this in a usability study I did in '07 with Tristan Thiede and Juan-Pablo Hourcade.) Clearly there's a problem here. Obviously the way we present certificates to users is broken and wrong. But God help you if you change the way you present certificates: some people will complain loudly and the vast majority of users just won't consider switching. Change is hard, and I have no good answer for that. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users