Usability issues with S/MIME plugin
Werner Koch
wk@gnupg.org
Fri Jun 6 14:01:02 2003
On Fri, 6 Jun 2003 13:02:11 +0200, Bernhard Reiter said:
> because the you have to tell the user
> who is facing the problem to make this work
> how to do this. :)
And offer him a little chance to think about what is going to do.
Usually you have to do further investigations to figure out whether
the fingerprint of the root CA is really the certificate you
ultimately trust. Immediatley checking the website is not a good idea
because it might have been de-faced already, so for due diligance one
should wait a week or look at independent sources of the root CA's
fingerprint - nothing you can do between 2 clicks.
But well, that is theory and almost all users won't care about this.
So the double check as it is now implemented should be good enough.
Shalom-Salam,
Werner
--
Werner Koch <wk@gnupg.org>
The GnuPG Experts http://g10code.com
Free Software Foundation Europe http://fsfeurope.org