[Enigmail] New 1.8 toolbar on the composition window
dougb at dougbarton.email
Wed Mar 18 06:39:06 CET 2015
On 3/17/15 8:00 PM, Daniel Kahn Gillmor wrote:
>> On 18/03/15 12:43, Doug Barton wrote:
>>> Were the buttons for encrypt and sign moved up to their own toolbar
>>> instead of the old icons at the bottom because the latter was too
>>> subtle? Would it not make more sense to put them in as default
>>> buttons on the Composition toolbar? Also the icons used seem very
>>> fuzzy to me.
> the icons at the bottom were two small for most people to notice, and it
> was not clear that users could interact with them. The toolbar is an
> improvement, even at the cost of extra screen real estate.
I buy that argument, but it seems much more reasonable to me to make
sign and encrypt buttons that show up in the composition toolbar. This
would mean that we get the same usability improvement, but no additional
screen real estate would be necessary.
>>> The "Attach My Public Key" button is almost certainly a bad idea, as
>>> it will cause new users to think that this is an action that should
>>> be done frequently, rather than rarely.
> This is one of the most common actions that new users *should* take,
Um, since when? Hasn't the CW always been to have the user upload their
key to a key server? If they are corresponding with someone who isn't
smart enough to get the key Id from the signature, the new user can
simply send the fingerprint to their correspondent, and they can
download the key that way.
In all the years of experience I have with enigmail I've never used this
feature once. And just about every new user I've run into who has used
it simply checked the box because they couldn't think of any reason not to.
Sending your public key is a very infrequent thing that only new users
need to do. Putting that front and center in the enigmail toolbar seems
to be an odd choice to me.
> since their correspondents don't have their key yet. I've hesitated in
> the past to ask people to send me their key because i didn't want to
> have to ask them to dig in the menu. This makes it much esier.
You shouldn't be asking them to send you their key. See above.
>>> And given that most of my messages are unsigned and unencrypted I
>>> find the big red message to be ... offputting to say the least. Do we
>>> really want to encourage routine signing?
> I see this as comparable to browsers degrading the UI for http:
Um, no, that's not the same thing at all. It's quite disturbing that you
don't see the many ways that they are different.
Routine *encryption* has some similarities to deprecating http vs.
https, but we already have the opportunistic encryption feature. That
feature should be enabled by default (if it isn't already).
> This is entirely a good thing. The red warning will go away if you
> encrypt, even if you don't sign.
> If we don't want to encourage routine signing, maybe the warning could
> stay red as long as it's unencrypted? Or maybe it could be:
I'm sorry, but this is total nonsense. Routine signing is a BAD idea.
Messages sent to mailing lists cannot be encrypted. And I use
thunderbird for business communication where I cannot do either, ever.
With all due respect to those who obviously put a lot of work into this
new feature, I think it's at best ill-advised, and is likely to be
I am conducting an experiment in the efficacy of PGP/MIME signatures.
This message should be signed. If it is not, or the signature does not
validate, please let me know how you received this message (direct, or
to a list) and the mail software you use. Thanks!
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 473 bytes
Desc: OpenPGP digital signature
More information about the enigmail-users