A bug in version 1.2.1?
Wed Dec 11 17:59:02 2002
-----BEGIN PGP SIGNED MESSAGE-----
On Wednesday 11 December 2002 09:12, Werner Koch wrote:
> On Wed, 11 Dec 2002 08:08:12 -0500, David Shaw said:
> >> There may be warnings ("You have no trustpath to this key that
> >> indicates its validity. Use anyway? [[cancel]] [OK]") or a pref to
> >> switch this off.
> > This is much better of course.
> Given the habit of many users to hit OK without thinking, the current
> way is safer; it forces the user to think about what he is going to
> do (while doing an lsign).
I agree. Allowing encryption to a key without any user verification=20
whatsoever (fingerprint, at the very least?), is bad and causes=20
brain-dead use of gpg. In no time this reaches the point of users=20
relying on their MUA to verify their keys for them, and bitching when=20
they realize it won't.
3DAD 8435 DB52 F17B 640F D78C 8260 0CC1 0B75 8265
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----