[Enigmail] New 1.8 toolbar on the composition window

Doug Barton dougb at dougbarton.email
Wed Mar 18 08:35:03 CET 2015

On 3/17/15 11:46 PM, Robert J. Hansen wrote:
>> Um, since when? Hasn't the CW always been to have the user upload
>> their key to a key server?
> Emphatically: no!
> There are places in the world that will throw you in jail for using
> crypto.  People in these places tend to, and probably are correct to,
> avoid using keyservers for fear they'll come to the attention of the
> local secret police.

I read your report, and others, from Circumvention; and in fact I've 
worked with people in this situation in the past. I understand that they 
have special needs, and I think we should do what we can to help them.

But what percentage of overall enigmail users are they, and how likely 
are they to blindly send their key to a keyserver rather then blindly 
click a button to attach their public key?

I don't see this user community as a driving force for the defaults, but 
perhaps I am missing something?

One interesting thing that I did see coming out of the reports from 
Circumvention is the need for something like the new toolbar to tell 
users in that community that their messages are, or are not 
signed/encrypted. If it were me, I would have created something similar 
to the new toolbar, but just large enough for some 10 pt. type and a 
little border, with nothing but this status information on it. I would 
have made it off by default, but with a check box in the enigmail 
advanced features to add it to the compose window. That way users who 
need this level of reminder/assurance can have it (above and beyond the 
icons changing colors), but users who don't need/want it wouldn't be 
confronted with the angry red letters.

I realize that I may be coming off as negative here, but I don't mean to 
be. The new icons are great, they're just in the wrong place. The status 
bar is not a horrible idea, but it should be off by default, and 
smaller. IMO a little bit of additional refinement would make this 
release both more useful, and more palatable.


I am conducting an experiment in the efficacy of PGP/MIME signatures. 
This message should be signed. If it is not, or the signature does not 
validate, please let me know how you received this message (direct, or 
to a list) and the mail software you use. Thanks!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.enigmail.net/pipermail/enigmail-users_enigmail.net/attachments/20150318/0671e025/attachment.sig>

More information about the enigmail-users mailing list