https://bugs.kde.org/show_bug.cgi?id=363309
--- Comment #1 from Andre Heinecke <aheine...@intevation.de> ---
I'm not sure how to handle marginal trust in the UI. Is marginal trust really
something we should warn about? I think we need to have this information
available for the advanced user and generally treat marginal keys as "ok".
E.g. in the trusted certificates group there is some trust there and trusted
certificates does not say "Fully trusted certificates ;-) "
I think it is more important to highlight the case where there is no indication
that the key belongs to the UID.
With Tofu this is important because TOFU will return marginal trust with a sub
validity:
Values for VALIDITY are:
- 0 :: conflict
- 1 :: key without history
- 2 :: key with too little history
- 3 :: key with enough history for basic trust
- 4 :: key with a lot of history
I think generally we should stick with the three levels "Green, Yellow and Red"
and make further information available in details and for advanced users.
Here I would say that after a validity of 2 we switch to "green". For
"Encrypting to this certificate" and in some overall "UID validity status
indicator" and "yellow" (or whatever gnupg tells us to do, when verifying
signatures).
Here is what I'm currently proposing to use for the Indicator for Opportunistic
Encryption in KMail:
https://phabricator.kde.org/differential/changeset/?ref=34677
(And what I plan to reuse in Kleopatra for recipient selection)
Pretty unsure about this though.
--
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
Kdepim-bugs mailing list
Kdepim-bugs@kde.org
https://mail.kde.org/mailman/listinfo/kdepim-bugs
