phrase "UNTRUSTED good signature" is dangerously misleading

Hauke Laging mailinglisten at hauke-laging.de
Sun Jul 14 18:34:48 CEST 2013


Am So 14.07.2013, 17:05:09 schrieb Werner Koch:

> Thus we better don't change something which has done its
> job okay for many years.

Measured by what? After all the claim of this thread is that it does its job 
badly.


> In any case, the non-experienced user is expected to use a different
> user interface than gpg on the command line.  Thus all improvements
> should go into the GUI, which has more ways to explain what is going
> on.

I would accept that as a good solution (would suggest some additions to the 
documentation, though) but that is obviously conflicting with the Enigmail 
team's position. But with this clear statement the IMHO only reasonable 
decision by the Enigmail team is to change their policy.


Hauke
-- 
Crypto für alle: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20130714/b52309b5/attachment.sig>


More information about the Gnupg-devel mailing list