Signature semantics

Robert J. Hansen rjh at
Tue Nov 4 17:28:28 CET 2008

> (no reason that gnupg can't be 'better' than what open-pgp'
> requires, as long as gnupg is 'compatible')

Idiot-proofing is a very bad idea.  Systems cannot be made idiot- 
proof, since we're constantly developing higher and better grades of  
idiots.  Systems can be made user-friendly; they cannot be made idiot- 

(As an example of what suggestions like this lead to in practice, look  
at Vista's User Access Control.  HCI studies have shown UAC does not  
provide better security.  UAC is designed to give users a last chance  
opportunity to prevent programs from running with elevated privileges,  
but it does not actually do this.  UAC was not designed to train users  
to blindly click "Yes" without thinking at all about what they're  
doing, but that's what it actually does.)

More information about the Gnupg-users mailing list