GPA development

Werner Koch
Wed, 21 Jun 2000 08:24:42 +0200


On Tue, 20 Jun 2000, Jan-Oliver Wagner wrote:

> a) Keyring management and the management of files management are largely
> different tasks. They should be divided into separate tools.
Agreed - however it should also work as a standalone tool.
> Note that this might be very difficult in practice.


> b) The keyring management dialog should transparently show
> all important information in one window.
Not all - Did you read the Whitten report on the PGP GUI. One important thing is still missing: An option (which is enabled by default) to suppress most information - the standard mode; the other information should only be shown in expert mode.
> 6. Show a nice counter/clock to give a visual impression on the
> remaining time of passphrase validity.
I don't understand this. There is no such concept of a passphrase validity.
> d) Help for novice users:
All are very important.
> So what can we do in the next few days?
I don't know - I will be away from all computing equipment from tomorrow to Monday morning.
> trust levels:
> Unknown
> don't trust
> trust marginally
> fully trust
Please don't mix up the trust level and the key validity: I prefer to say "assigned owner trust" for the 4 leveles you give. They are parameters needed to calcualte the validity of a key - the answer on the question "how far do you trust the owner of this key to correctly sign other keys and whether she understands all the implications" [quite long question and not easy for the user]. For the calculated validity (sometimes also called trut in GnuPG :-() there should be only 2 values: o Key is valid o Key is NOT valid The use of the term "valid" has been proposed by some folks who regulary do courses on PGP and this should make it much easier for a user to understand what this mesag is about (who understands what: "The key is marginally trusted"? - replace it by the key is NOT valid).
> and should I commit all changes in Exp branch (when they compile
> and are stable)?
Sure. Werner -- Werner Koch OpenPGP key 621CC013 OpenIT GmbH tel +49 211 239577-0 Birkenstr. 12 email D-40233 Duesseldorf