[Enigmail] New 1.8 toolbar on the composition window

Doug Barton dougb at dougbarton.email
Wed Mar 18 21:00:14 CET 2015

On 3/18/15 9:01 AM, Patrick Brunschwig wrote:

> I should add that one of the outcome if the usability study we had
> last year showed that this is an important function and that such a
> button was missing -

Was that study published anywhere? If not, can you make it available? I 
would love to know what the arguments were that lead to this conclusion.

> especially for beginners who don't want/need to
> know Enigmail and the concepts of public key encryption well.

As I said to Daniel, I'm not sure that you're drawing a line for "not 
knowing the concepts well" that is going to lead these theoretical new 
users down a path that will lead to success.

I am all for making tools easier, and giving users better documentation, 
etc. But there is a certain amount of fundamental knowledge that users 
need to have in order to do this. Trying to substitute smarter tools for 
better user education is not only not going to succeed, it's likely to 
fail in spectacular ways.

> To summarize this discussion: there is often a trade-off between
> usability and other aspects in a system (space, transparency,
> configuration, etc.). I strongly believe - and many agree on this -
> that we need to improve usability, even if it's at the cost of other
> aspects).

Again, I'm not arguing against that general principle. I'm arguing 
against some of the specific steps that you've taken.

> I'm not so worried about the users we have as they seem to
> live quite OK with what we had. I'm much more concerned about the
> users we don't have yet, or that we lost because Enigmail was too
> difficult or not intuitive enough.

"Intuitive" is a dangerous word in the UI design world. There is nothing 
which is truly "intuitive" about computers, or their user interfaces. 
What most people mean when they refer to that word re UI design is "It 
looks/works like something I have used before."

The problem when it comes to cryptography is that we have no analogs for 
it in other disciplines. It's a unique beast, with its own rules, own 
vocabulary, and its own challenging concepts to master. You can't make 
enigmail "intuitive," ever. It's a fool's errand.

> Encryption only matters if can be applied by the masses.

But that's never going to happen. "The masses" don't care, and never 
will. In fact, I've spoken to people who have said they would NEVER 
encrypt ANYTHING because they don't want people to think that they have 
something to hide. When I explain to them how https works and why they 
don't want their credit card number going to amazon in the clear they 
hem and haw about that sort of thing being an exception to the rule.

And please note, I desperately wish I was wrong about this. I've been 
pushing the cause of mass encryption for almost 20 years now. There 
simply is no demand for it.

... and please note, I'm *not* saying that we should make the tools for 
experts only. I agree that we should make them easier to use, and over 
the years I've suggested several features for enigmail in just that 
regard (such as opportunistic encryption).

> As today's screens get larger and larger,

Sorry, you're off base again here. More and more "computing" is pushing 
to small screens, tablets, phablets, and phones. A lot of experts think 
that we're approaching the tipping point in less than 5 years. 
Thunderbird and Enigmail become more anachronistic every day. The whole 
philosophy that taking up more space on the screen is Ok is wrong.

> I don't believe that we
> waste a lot of real estate on the screen, given how much more
> intuitive the new buttons are compared to the old version.
> Whether or not you like (some of) the new buttons and the toolbar as
> such is first of all a matter of taste. I think the new version is a
> lot better than the old one, and I would not want to go back to the
> old layout.

Please understand that "going back to the old layout" is not what I'm 
suggesting at all. Here's what I am:

1. Tidy up the new "encrypted" and "signed" icons so that they are not 
fuzzy, and match the existing style better.

2. Move those 2 new icons up to the Composition toolbar. That way you 
get the new icons, and the new and improved status indications that they 
provide, "for free," with no additional screen real estate consumed.

3. The new enigmail toolbar should contain only the text indicator if 
the message is signed and/or encrypted. It should also be narrower, off 
by default, and provided as an option in the enigmail advanced 
preferences menu.

4. I would also argue that the status in the enigmail toolbar should 
show both signing and encrypting status, ala, "This message will/will 
not be signed, and will/will not be encrypted"  For the Circumvention 
crowd knowing the state of both properties is critical, and the fact 
that the "alarm bells" go away when the message is merely signed could 
be disastrous.

You'll notice that there is no default "attach my key" button in my 
proposal. :)  Providing that as an optional button that can be added to 
either toolbar is an excellent middle step for those that find the 
existing two options too difficult, or too confusing.

hope this helps,


I am conducting an experiment in the efficacy of PGP/MIME signatures.
This message should be signed. If it is not, or the signature does not
validate, please let me know how you received this message (direct, or
to a list) and the mail software you use. Thanks!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.enigmail.net/pipermail/enigmail-users_enigmail.net/attachments/20150318/f8baac34/attachment.sig>

More information about the enigmail-users mailing list