moving user ID Comments to --expert mode

Robert J. Hansen rjh at sixdemonbag.org
Thu Feb 3 23:10:58 CET 2011 

On 2/3/11 4:30 PM, Daniel Kahn Gillmor wrote:
> my "user survey" is from several years of trying to personally help
> dozens of people of all skill levels learn how to use OpenPGP for secure
> messaging.  Regardless of the intelligence or technical savvy of the
> people i've personally helped get more comfortable with OpenPGP, i
> believe all of them have been baffled by the Comment: prompt.

I'm in a similar position to you, except this is my twentieth year of
helping people with PGP.  (I started way back in 1991, when PGP first
came out and was distributed friend-to-friend on floppy disks... five
and a quarter floppy disks.)

I have never seen anyone be baffled by the 'Comment:' prompt.  Some
people have asked, "What should I type here?", and I usually explain,
"nothing, just hit return," and they do.  Those who ask what the
"Comment" field means generally understand it very quickly.

The problem with using anecdotal evidence as opposed to surveys is
there's all different kinds of cognitive biases that go on inside the
mind of the person relating the anecdote.  With surveys, you can go back
to the original documents and say, "User #4 said this: what do we think
about this user's remarks?"

Ultimately, I think arguing from anecdote that "we need to change the
comment prompt" is unpersuasive.

> If anyone thinks that removing this prompt would be a Bad Thing, I would
> love to have a clearer explanation of the Comment prompt that i could
> refer to when i try to de-baffle people in the future.

"Just like a user ID allows you to tell people your email address and
your real name, it also lets you put a note in there in case there's
anything else you really want people to know.  You can skip this: just
hit 'return.'"

> I invite you to look through the User IDs in your own keyring, from the
> perspective of a potential certifier, and ask yourself "what does it
> mean for me to certify these comments?"

Zero.  Comments don't get certified.  All my signature means is I have
met this person face to face, have seen two forms of government
identification, have confirmed a fingerprint and exchanged an email at
that address.  There's nothing in my signature policy that addresses
comments, nothing at all.

> Omitting the baffling prompt entirely would be the most terse, which is
> what i propose.  Do you object to that?

Without a good basis, yes, I do.  If you change this prompt you will
also break a ton of scripts that expect this prompt.  Not only that, but
since key generation is a rare occurrence the breakage may occur months
or years after the change is made.  This isn't something to be done lightly.

> Yes, that would be an improvement over the current situation.  i suspect
> it will cause a non-negligible proportion of users to use the string
> "optional" as their comment, but you can't win 'em all :(

You can't prevent people from being gratuitously foolish idiots.  Some
people think they're tremendously clever by doing things like this, and
they'll continue to do it no matter how you change the user interface.
It is unwise to Fisher-Price the interface in the hopes of preventing
fools from being clever.

More information about the Gnupg-users mailing list