signing keys

[Bernhard Herzog]

Werner Koch <wk@gnupg.org> writes:

> The signing key dialog does not make sense:  It is nice that you can
> choose the your secret key used to sign it but I consider this as an
> advanced feature. 

What else would you do if there are several secret keys? Only use the
default key (which is automatically selected when the sign dialog comes
up)?

Of course, you could say that the simple interface rarely will have to
deal with several secret keys and that it should display the list only
when really needed. In other words, that the simple interface can assume
that there is only one secret key.

> The really important part is missing:  The dialog
> does not present you the fingerprint and the user IDs of the key to
> be signed - it is absolutely essential to do this in a very user
> friendly way.  This is main goal of a OpenPGP key management tool.

At the moment all selected keys will be signed. I didn't relly change
anything in that dialog other than moving the "sign locally" check box
from the keyring editor window to the key sign dialog.

For the simple interface and perhaps for the advanced one as well it is
probably better to only sign keys one at a time. You have to check the
keys you sign carefully anyway, so not being able to sign several keys
at once is probably not much of a nuisance.

Anyway, showing the fingerprint and UIDs of the key(s) to be signed is
definitely important.

   Bernhard

-- 
Intevation GmbH                                 http://intevation.de/
Sketch                                 http://sketch.sourceforge.net/
MapIt!                                               http://mapit.de/