[Enigmail] General Opinion and unverified bug

Ian Mann ansus at neomailbox.ch
Mon Mar 9 04:56:37 CET 2015


I had no problems installing and implementing PGP via Enigmail and Thunderbird all on my own. Granted the new user interface in 1.8 is heaps more intuitive than the 1.7 version. What I am struggling to say is that if an older. inexperienced, person like me can install and use it, why should it be an issue for the journalists this lassie is training.

I just don't have the issues this lassie is talking about, and I am bewildered by her remarks. I don't know technically how encryption works, and I don't much care to find out. All I know is it works fine and is simple to use. I suppose you have to get your head around the idea of a two key process, and get folks Public Keys to encrypt to them, but that isn't a big issue in my opinion.

Maybe I am missing her point somehow.

Ian

My Public Key 0xD6EE9490 for PGP Encryption can found at
https://pgp.mit.edu/

Setting up PGP encryption is simple
https://whyencryptemail.net/


On 09/03/15 14:32, Robert J. Hansen wrote:
>> I know that, there were already discussions about the (GnuPG) 
>> terminology of Enigmail. I don't think that an addon, which should 
>> easily provide signing and encrypting mails for the masses, should
>> use very technical terms, which are coming from a "low-level" tool
>> for rather tech-savy people like GnuPG. Just use abstractions. The
>> users on Layer 8 just wants to know, if they can trust an e-mail or
>> not. Or if they are doing it right or not.
> This is your prejudice.  Until and unless you've done a statistically
> significant polling of a representative cross-section of users, you just
> don't know.  If the people you're training are like this, great, but
> please don't assume your experiences are representative of either the
> userbase or the trainerbase.
>
>> When recieving a signed email there are only four possibilities: 1.
>> the message is manipulated (wrong signature)
> No.  99% of bad signatures are actually attached to untampered emails.
> This is why we cannot conclude based on a bad sig that the message has
> been changed.
>
>> In the first case, you can just show a huge red bar, telling the
>> user, that the message can't be trusted.
> No.  You show them a message saying the integrity is not assured.  This
> is semantically different.
>
>> This makes not much sense to me. It's even irrational to me. And I
>> tell you why:
> At this point it has been explained to you many times, in great detail.
> I no longer care whether you understand it, and I never cared about
> your approval of my choice.  Drop it.
>
> _______________________________________________
> enigmail-users mailing list
> enigmail-users at enigmail.net
> To unsubscribe or make changes to your subscription click here:
> https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.enigmail.net/pipermail/enigmail-users_enigmail.net/attachments/20150309/44e802af/attachment.html>


More information about the enigmail-users mailing list