[Enigmail] Usability issues

Patrick Brunschwig patrick at mozilla-enigmail.org
Tue Dec 11 08:09:16 PST 2007


LeRoy Cressy wrote:
[...]
> 
>> Consequences: what I consider to be the worst attack against
>> OpenPGP--the credibility attack--becomes less of a problem.  Let's say
>> that someone wants to ruin Patrick's credibility.  They create a few
>> bogus certificates, associate them with reprehensible groups, and use
>> them to sign Patrick's key.
> 
>> Now consider what happens if we have a policy of "by default, only show
>> meaningful keys".  Since I would presumably not have certified this
>> (fake, slanderous) neo-Nazi key, the user would never see it.  Only
>> those people whom I trust who have signed Patrick's key would show up.
> 
> 
> Only the owner of a key pair should send a key to a key server.
> You could set up a cron job with a line like
>   gpg --send-key 0x12345678
> to make sure that only your version of your public key is on a key server.
> 
> Also, you should not accept a signature for your key unless you have
> verified the signature, like from a key signing party.

I agree with both things you write, but that doesn't solve the problem,
since you can't forbid people from uploading a key. I have got almost
all signatures from people I met personally -- but still you won't have
most of the certificates that signed my key ...

I think Robert's proposal (at least this one about hiding unknown
signatures) is very reasonable.

-Patrick
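An added illustration of the two points in this exchange (not code from the thread, Enigmail or GnuPG): a toy keyserver that merges every upload into the existing record, which is why re-sending your own copy with a cron job cannot remove a stranger's certification, next to the "only show meaningful signatures" display policy Robert proposed. All key ids, names and certifications are constructed sample data.

```python
# Toy model of keyserver merge behaviour and a client-side display filter.
# Key ids ("PATRICK", "ALICE", "BOGUS", "ROBERT") are constructed placeholders.
from dataclasses import dataclass, field


@dataclass
class Certification:
    signer: str   # key id of the key that made the signature
    signee: str   # key id of the key being certified


@dataclass
class ToyKeyserver:
    """Public keyservers merge uploads into the stored key; they never
    replace it, so anyone can attach a certification to anyone's key."""
    certs: dict = field(default_factory=dict)   # signee -> set of signer ids

    def upload(self, signee: str, certs) -> None:
        self.certs.setdefault(signee, set()).update(c.signer for c in certs)

    def lookup(self, signee: str) -> list:
        return sorted(self.certs.get(signee, set()))


def meaningful_signers(signers, owner: str, my_key: str, my_certified: set) -> list:
    """Display policy: show the owner's self-signature, my own signature,
    and signatures from keys I have certified myself. Everything else is
    hidden by default, so a bogus certification from an unknown key is
    never displayed to me."""
    return sorted(s for s in signers
                  if s == owner or s == my_key or s in my_certified)


def scenario() -> tuple:
    server = ToyKeyserver()
    own_copy = [Certification("PATRICK", "PATRICK"), Certification("ALICE", "PATRICK")]
    server.upload("PATRICK", own_copy)                       # owner's upload
    server.upload("PATRICK", [Certification("BOGUS", "PATRICK")])  # stranger's upload
    server.upload("PATRICK", own_copy)                       # the cron job re-send
    raw = server.lookup("PATRICK")                           # BOGUS is still there
    # Robert looks at Patrick's key; he has only certified ALICE himself.
    shown = meaningful_signers(raw, owner="PATRICK", my_key="ROBERT",
                               my_certified={"ALICE"})
    return raw, shown


if __name__ == "__main__":
    print(scenario())
```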