UI non-obviousness
Adrian 'Dagurashibanipal' von Bidder
avbidder@fortytwo.ch
Tue Jul 16 15:01:02 2002
--=-JL2zBYW89MKV+7pHg9qn
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
Yo!
When verifying a file by only specifying the signature file on the
cmdline, I ask myself if it's good to rely on users finding it 'obvious'
which file has been verified.
Meaning: I think the filename of the verified file should be printed on
the cmdline, so that the user does not need to rely on assumptions
'filename is deduced from signature file name' or 'filename is contained
in signature'.
[avbidder@atlas src]$ gpg --verify linux-2.4.18.tar.bz2.sign
gpg: Signature made Mon Feb 25 20:42:45 2002 CET using DSA key ID
517D0F0E
gpg: Good signature from "Linux Kernel Archives Verification Key
<ftpadmin@kernel.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
owner.
Fingerprint: C75D C40A 11D7 AF88 9981 ED5B C86B A06A 517D 0F0E
[avbidder@atlas src]$
I think a message like 'Good signature from ... on file ...
would be better.
Just a thought.
cheers
-- vbi
--=20
secure email with gpg http://fortytwo.ch/gpg
--=-JL2zBYW89MKV+7pHg9qn
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQA9NBlDwj49sl5Lcx8RAj2LAJwLUiUQjdJYIVpelHRfJHzI535xBACeOrw2
y2z+HrauzHtLL99dCIRh8aY=
=kmHK
-----END PGP SIGNATURE-----
--=-JL2zBYW89MKV+7pHg9qn--