[Enigmail] New 1.8 toolbar on the composition window

Doug Barton dougb at dougbarton.email
Wed Mar 18 06:39:06 CET 2015

On 3/17/15 8:00 PM, Daniel Kahn Gillmor wrote:
>> On 18/03/15 12:43, Doug Barton wrote:
>>> Were the buttons for encrypt and sign moved up to their own toolbar
>>> instead of the old icons at the bottom because the latter was too
>>> subtle? Would it not make more sense to put them in as default
>>> buttons on the Composition toolbar? Also the icons used seem very
>>> fuzzy to me.
> the icons at the bottom were two small for most people to notice, and it
> was not clear that users could interact with them.  The toolbar is an
> improvement, even at the cost of extra screen real estate.

I buy that argument, but it seems much more reasonable to me to make 
sign and encrypt buttons that show up in the composition toolbar. This 
would mean that we get the same usability improvement, but no additional 
screen real estate would be necessary.

>>> The "Attach My Public Key" button is almost certainly a bad idea, as
>>> it will cause new users to think that this is an action that should
>>> be done frequently, rather than rarely.
> This is one of the most common actions that new users *should* take,

Um, since when? Hasn't the CW always been to have the user upload their 
key to a key server? If they are corresponding with someone who isn't 
smart enough to get the key Id from the signature, the new user can 
simply send the fingerprint to their correspondent, and they can 
download the key that way.

In all the years of experience I have with enigmail I've never used this 
feature once. And just about every new user I've run into who has used 
it simply checked the box because they couldn't think of any reason not to.

Sending your public key is a very infrequent thing that only new users 
need to do. Putting that front and center in the enigmail toolbar seems 
to be an odd choice to me.

> since their correspondents don't have their key yet.  I've hesitated in
> the past to ask people to send me their key because i didn't want to
> have to ask them to dig in the menu.  This makes it much esier.

You shouldn't be asking them to send you their key. See above.

>>> And given that most of my messages are unsigned and unencrypted I
>>> find the big red message to be ... offputting to say the least. Do we
>>> really want to encourage routine signing?
> I see this as comparable to browsers degrading the UI for http:
>    http://www.chromium.org/Home/chromium-security/marking-http-as-non-secure

Um, no, that's not the same thing at all. It's quite disturbing that you 
don't see the many ways that they are different.

Routine *encryption* has some similarities to deprecating http vs. 
https, but we already have the opportunistic encryption feature. That 
feature should be enabled by default (if it isn't already).

> This is entirely a good thing.  The red warning will go away if you
> encrypt, even if you don't sign.
> If we don't want to encourage routine signing, maybe the warning could
> stay red as long as it's unencrypted?  Or maybe it could be:

I'm sorry, but this is total nonsense. Routine signing is a BAD idea. 
Messages sent to mailing lists cannot be encrypted. And I use 
thunderbird for business communication where I cannot do either, ever.

With all due respect to those who obviously put a lot of work into this 
new feature, I think it's at best ill-advised, and is likely to be 
actually harmful.


I am conducting an experiment in the efficacy of PGP/MIME signatures. 
This message should be signed. If it is not, or the signature does not 
validate, please let me know how you received this message (direct, or 
to a list) and the mail software you use. Thanks!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.enigmail.net/pipermail/enigmail-users_enigmail.net/attachments/20150317/3ce4b0c5/attachment.sig>

More information about the enigmail-users mailing list