Bug: Unusable key

gabriel rosenkoetter gr at eclipsed.net
Mon Feb 9 20:48:35 CET 2004

Please don't Cc on public replies to posts to mailing lists. I read
the mailing lists.

On Mon, Feb 09, 2004 at 05:19:58PM -0800, Chris Fox wrote:
> gabriel rosenkoetter wrote:
> | On Mon, Feb 09, 2004 at 10:41:28AM -0800, Steve Butler wrote:
> | I really don't like this extremist, all or nothing approach. It's
> | very easy for that error message to cite a few of the *probable*
> | reasons (expired, revoked, maybe a subkey) and save the user time in
> | figuring out what broke. It's really just not necessary to cover all
> | the bases for the error messages to be qualitatively better.
> I think the idea that an informative error message will help a hacker is
> malarky.  Anyone trying to hack is going to be stepping through the gpg
> source code in a debugger and is not even going to be *reading* the
> error messages.

Please reread what I wrote there. You are exhibiting exactly the
extremist attitude that I'm referring to. There's a huge spectrum of
users between the completely innocent user and the "hacker". Most of
that spectrum would be aided by more specificity in the error
message. The extreme new-user end would only get anything out of
detailing every single possible problem and telling them what to do
about it. The extreme "hacker" end just wants a number. There's a
WIDE SWATH of users in the middle (speaking as one of them).

> I vote for a completely detailed explanation to the user.

Great. All or nothing. Lovely. Exactly the thing that will result in
no change at all, since it's incredibly difficult to accurately
report what the problem was, and reporting all the theoretically
possible problems is a so much information as to be totally useless.

gabriel rosenkoetter
gr at eclipsed.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : /pipermail/attachments/20040209/62d4a115/attachment-0001.bin

More information about the Gnupg-users mailing list