UI terminology for calculated validities
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Apr 25 19:02:05 CEST 2014
On 04/25/2014 09:23 AM, Mark H. Wood wrote:
> What about abandoning terms of art and just saying things more simply:
> "This message was signed by key AAAAAAAA. You have indicated that you
> trust that key."
trust that key to do what? to belong to some mystery person? to make
valid OpenPGP signatures? to send you good stock tips? to be a
reliable source of cryptographically-signed tasty noodle casserole
recipes? to be controlled in an operationally secure fashion? to have
been created on the date it claims to have been created?
we're all aiming for clarity and simplicity here, but using a simple
ambiguous term when we need to distinguish at least two very specific
cases from each other and from many other meanings of the word "trust"
seems like a recipe for failure (instead of noodle casserole).
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140425/03991216/attachment.sig>
More information about the Gnupg-users
mailing list