phrase "UNTRUSTED good signature" is dangerously misleading

Robert J. Hansen rjh at
Sun Jul 14 06:01:48 CEST 2013

On 07/13/2013 12:36 PM, Daniel Kahn Gillmor wrote:
> I believe the enigmail authors are already open to patch submissions
> to clarify the distinction between ownertrust and validity, fwiw.

While patches are always welcome, I think I can say (as the UI nerd for
Enigmail) that these patches are exceedingly unlikely to be implemented.

Enigmail's policy is that our messages must mirror GnuPG's messages.
That way users don't have to learn two separate sets of terminology.

If you want this to happen, the proper way to go forward is to convince
the GnuPG developers to change the way GnuPG talks about ownertrust,
good signatures versus verified signatures, and so on.  If GnuPG makes
those changes we will likely mirror them in short order, but for right
now Enigmail has no interest in deviating from GnuPG's messages.

(That said, I agree the good/verified, trust/ownertrust, etc., concepts
are all wrapped up in some thoroughly incomprehensible language.)

More information about the Gnupg-devel mailing list