Re: [Enigmail] light grey on white background is too difficult to read
On 2016-12-21 05:02, Patrick Brunschwig wrote: > On 21.12.16 10:09, Harald Dunkel wrote: >> Would you mind to provide more contrast on your web pages, >> e.g. on https://enigmail.net/index.php/en/faq?view=topic=14 ? >> I find the light grey font on a white background *extremely* >> difficult to read. > > Thanks, fixed. > >> Other pages are OK wrt contrast, but they could be improved as >> well, for example by avoiding anti-aliases techniques on displays >> with 1920x1200. A precise and easy-to-read font is more important >> than a "pretty" font with thin lines. > > The font is a standard Web font provided by Google It's not *that* standard. My machine doesn't have it. (It's available, but not installed by default.) > and displays very nicely on my Mac. I don't know how the web site > could influence the anti-aliasing features of your browser. It looks like crap here. I posted a detailed analysis in this list previously[1], including screen shots. Please read it. 1: https://admin.hostpoint.ch/pipermail/enigmail-users_enigmail.net/2016-November/004180.html -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] REPLACE the eye-challenging gray text on website
On 2016-09-06 15:34, Ludwig Hügelschäfer wrote: > On 06.09.16 18:08, Doug Barton wrote: >> On 09/04/2016 06:24 PM, Jim Wyman wrote: >>> Please STOP using gray text on the white background on your website. >>> (...) >> >> While I certainly agree with your sentiments, I'm not seeing grey text >> on the enigmail web site. Can you give some example URLs? > > The only page which I can think of in this context is the FAQ > http://enigmail.net/index.php/en/faq?view=category=11 where we have > grey on white text. Heh. Haven't been reading this list for a while, just now looking at this... *Wow*, that page is terrible! The (effective) contrast is way, way too low. The text is also really ugly. The problem is hinting. The Enigmail pages are missing hinting, which makes text look sharp. This seems to be an artifact of the effective font (Deja Vu Sans ExtraLight), and stems from the use of a very low font-weight as specified by the CSS. See attached screen shots. In "ugly", the text is barely legible and the lack of hinting results in obvious artifacts. In "better", I have disabled the font-weight rule, resulting in text that is much more legible. Besides drastically reduces artifacts, I think another problem is that without hinting, the extremely light font weight results in almost never having a pixel "fully covered" by the glyph, which may be why the text is "gray" for the OP. (Certainly, it is making the contrast much, much worse on the FAQ page.) I don't think such a low font-weight should be applied to most of the text. It's tolerable on the larger text of headings (although the lack of hinting still makes them more ugly than necessary), but for small text, the low font weight also has the effect of lowering the contrast. -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 2015-09-22 14:30, Patrick Brunschwig wrote: > I think that expired and revoked are mostly irrelevant, and actually > ill displayed in Enigmail today. The state doesn't depend on whether > the key is expired or revoked _today_. What matters is whether the > key was valid at the time of signature creation. For *signing*, yes. For *encryption*... then it gets a bit weird. Encryption with a revoked key should be flagged as a problem *no matter what*, even for old messages. If the key was revoked because it was compromised, then any messages sent with that key are potentially readable by an attacker, regardless if they were sent before the key was revoked. Encryption with an expired key is more debatable; expiration doesn't necessarily mean that the key is compromised, but it also doesn't necessarily mean that it isn't. It's probably easiest to show IA state based on the state of the keys when the message was sent, and show P state based on the *current* state of the keys. (There really ought to be a user-adjustable revocation date when revoking a key, so that one can identify the time at which a key became compromised.) -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 2015-09-23 14:17, Robert J. Hansen wrote: > I already don't like "authenticity", so you'll have an easy time with > this one. I'm not sure "integrity" is a better alternative, though. > From Google: > > "Integrity: (n) 1. the quality of being honest and having strong moral > principles; moral uprightness. 2. the state of being whole and undivided." > > dictionary.reference.com gives these three: "1. adherence to moral and > ethical principles; soundness of moral character; honesty. 2. the state > of being whole, entire, or undiminished. 3. a sound, unimpaired, or > perfect condition." Wiktionary: 2. The state of being wholesome; unimpaired 3. The quality or condition of being complete; pure 4. (cryptography) With regards to data encryption, ensuring that information is not altered by unauthorized persons in a way that is not detectable by authorized users. Now I realize the point of this exercise is to use a *non*-technical term... but still... That said, wiktionary defines authenticity as: 1. The quality of being genuine or not corrupted from the original. -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 2015-09-22 13:18, Robert J. Hansen wrote: > When processing a message for which there's no corresponding > certificate, Enigmail should try and fetch the certificate > automagically. If successful, great. 90% or more of the time it'll > succeed, and thus 90% of this problem goes away. > > If the message is signed, there's no local copy of the sender's public > key, and it can't be found on the keyservers -- then that's a critical > and unrecoverable problem, and gets the big red X. Hmm... I feel like this has come up before, and there have been noises made by people that don't want keys to be fetched automatically. Similarly, some people may not upload their keys to public servers. That said, maybe it's okay using the same icon for an invalid signature as for a signature that can't be verified. -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 2015-09-21 17:28, Mike Acker wrote: > On 2015-09-21 16:57, Robert J. Hansen wrote: >> Privacy: a lock. If the message was encrypted, the lock icon is in >> color; if it wasn't, the icon is grayed-out; if it was encrypted to an >> expired certificate, the lock icon is in color but has a red X over it. ("Expired *or revoked*"?) > the element you are missing is: > >* message is signed >* no local copy of sender's Public Key >* what action do you want to take ? As much as I'm inclined to agree with limiting the number of states, it's hard to argue this point. What about a pen with '?' over it? -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] No more "Untrusted Good Signature"s
On 2015-09-20 12:58, Phil Stracchino wrote: > A Privacy red-flag is a little harder to quantify. About the only case > I can think of is if a message is encrypted, but with a key that has > been revoked or does not match the claimed sender. But this should > probably be considered an Authenticity failure. No, actually you were right the first time. Authentication is based on the integrity of the SENDER'S private key. Encryption is based on the integrity of the RECEIVER'S private key(s). So, if I send a signed, encrypted message one or more recipients, one of whom has a compromised key, the message may well be authentic (which we can verify if the sender's key is trusted), but an attacker may be able to read it. I could certainly imagine this happening if someone sends you a message encrypted using an old public key of yours that you happen to know is compromised, because the sender is not aware that it is compromised / revoked. (In fact, privacy is the only state that can change after the fact. If I send you a message and it is authentic, that is a past event that cannot be changed. If an encryption key is compromised, a message that was previously private may no longer be private.) > Should a message that is encrypted but unsigned be considered an > Authenticity failure - or at least an authenticity warning? Encrypting a message and authenticity (signing) are orthogonal; ergo, whether or not a message is encrypted should not affect reporting of authenticity. -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
[Enigmail] (Bug) Enigmail notices illegible in some color schemes
The signature verification/warning banner at the top of messages is illegible when using a light-on-dark color scheme; see attached. Hard-coding the foreground color as well as the background color would be an improvement, but please note that some users have trouble reading dark text on a light background. It would be best if the colors are configurable, or at least adapt to the user's color scheme. -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
[Enigmail] gmane + signing (was: New 1.8 toolbar on the composition window)
On 2015-03-18 03:23, Doug Barton wrote: I am conducting an experiment in the efficacy of PGP/MIME signatures. This message should be signed. If it is not, or the signature does not validate, please let me know how you received this message (direct, or to a list) and the mail software you use. Thanks! Huh. I see a signature.asc attached, but no other indication that your message is signed. Using TB 31.4.0 with Enigmail 1.7.2 (both as provided by Fedora 20). Note that I am interacting with the list via [news://news.gmane.org/gmane.comp.mozilla.enigmail.general]. I get warnings (due to missing public keys) for inline signing. Seems like I should see the same for your message if Enigmail was recognizing that there is an attached signature... -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] spontaneous change of message status
On 2015-03-13 10:45, Philip Jackson wrote: On 13/03/15 08:28, Patrick Brunschwig wrote: On 12.03.15 20:38, Philip Jackson wrote: Using Thunderbird 31.5.0 with Enigmail version 1.8a1pre (20150312-0013) on linux. snip For this spontaneous change to occur, one needs these factors to exist : 1. the 'To' field is in red type (with a red cursor) 2. the 'To' field must be completed and not left blank 3. the spontaneous change in message status occurs around five or six minutes into the creation of the email - the body can be blank or partly filled. Could it be triggered by auto-saving a draft message? Thanks Patrick - you're spot on ! After all the years of using it, I didn't even know Thunderbird did periodic backups. I've never seen a backup directory in the file system nor in the profiles. However, it was doing a backup every 5 minutes. (Draft mails go in a local drafts folder that presumably is stored the same way as any other mail folder. You can also view the folder from within TB, same as any other.) Further testing shows pretty well that the automatic backup is linked with a change in the settings in the Enigmail Encryption and Settings dialog box. Prior to the backup interval, only the sign check box was ticked. After the backup interval, the encrypt box was ticked and the sign box was blank. The message becoming encrypted may be a symptom of drafts being saved encrypted. This *ought* to be decoupled from whether or not the message is ultimately *sent* encrypted, but I'd believe a bug exists here. I might also believe that signing is the same way; probably the draft is not signed (that seems rather silly, after all). Again, this *ought* to be decoupled from how the message is finally sent, but... The change induced by Thunderbird seems to be one way only : sign - encrypt. It doesn't reverse itself back to 'sign only' after a further backup period. But if you reset to 'sign only', after another backup period, it flips again to encrypt. That isn't surprising if what's happening is the settings for how the draft is saved are overwriting how you've asked the mail to be sent... -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] From Circumvention
On 2015-03-06 15:16, David wrote: I am confused by this request. What difference does it make if 'someone else' knows whose public is on your public keyring? Hello, David, I am a keyserver administrator. Please send me your complete address book. Thanks! (I hope I make my point? I'm *not* especially paranoid, and I'd have at best mixed feelings about publishing a list of people with whom I correspond to a third-party server. Think about how people *whose lives depend on encryption* are likely to feel about doing so...) -- Matthew ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net