OpenPGP and usability

Nicholas Cole nicholas.cole at
Thu Aug 9 08:36:21 CEST 2007

On 8/7/07, Robert J. Hansen <rjh at> wrote:

> Problem 1: key signatures.  He says he couldn't figure out what he
> needed to do with the keys.  Did he need to sign them?  Trust them?
> What's validity and otrust again?  Who should be set up as a trusted
> introducer?  Why wasn't the cursed thing working?!  As he said, "I know,
> I knew what needed to be done, but even knowing what needed to be done,
> I couldn't figure out what needed to be done."  Even just talking about
> it, months after the fact, he sounded frustrated.

In my experience, this is one of the biggest hurdles.  One of PGP's
problems from the beginning is that words like "sign" and "valid" have
always been used in several different contexts, and then introduced
all of them to the user at once.

What the (beginner) needs to be told is that, if he wants to tell his
software to use a particular key, he should sign (validate / mark as
genuine) it.  If he is at all unsure about the key he needs to check
the Fingerprint with his contact.  And that's all.

(As an aside: I note that all these social networking sites have a web
of trust of sorts, so the concept is not impossible to present to the
user in a very straightforward way).

Other concepts should be intoduced as features that help larger
organisations, not as something that the user needs to understand
before he even gets started.

The original PGP software also made the mistake of saying this like (I
forget the exact wording now) "This is a GOOD signature from an
Invalid key", which is just unhelpful to the new user.  What it meant
to say was "You have not validated the key that signed this message -
it may or may not be genuine." Or better words to that effect.

Best wishes,


More information about the Gnupg-users mailing list