Signature semantics
Robert J. Hansen
rjh at sixdemonbag.org
Tue Nov 4 17:28:28 CET 2008
> (no reason that gnupg can't be 'better' than what open-pgp'
> requires, as long as gnupg is 'compatible')
Idiot-proofing is a very bad idea. Systems cannot be made idiot-
proof, since we're constantly developing higher and better grades of
idiots. Systems can be made user-friendly; they cannot be made idiot-
proof.
(As an example of what suggestions like this lead to in practice, look
at Vista's User Access Control. HCI studies have shown UAC does not
provide better security. UAC is designed to give users a last chance
opportunity to prevent programs from running with elevated privileges,
but it does not actually do this. UAC was not designed to train users
to blindly click "Yes" without thinking at all about what they're
doing, but that's what it actually does.)
More information about the Gnupg-users
mailing list