[Enigmail] Proposed policy

Jan Steffen steffenjan at web.de
Fri Dec 14 06:34:27 PST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Robert J. Hansen wrote:
> A signature is 'good' if and only if the mathematical transformation
> specified between the hash of the message and the expanded signature
> value is correct.  Otherwise it's 'bad'.
> 
> A signature is 'valid' if and only if it is a good signature coming from
> a certificate which the user has validated.
> 
> A signature is 'trusted' if and only if it is a valid signature coming
> from a person whom the user trusts.

I think these differentiations are important and should be conveyed
better to the user.
I would recommend combining the signature (good or bad) and the key
(trusted or untrusted) differently.
A message is only validly signed if it has a good sig by a trusted key.
As Robert stated, the word "good" should not be mentioned if the key is
untrusted. Better: "signed by an untrusted key"


> For instance, I might have validated Snidely Whiplash's certificate, but
> I don't trust him at all.  It would be possible to get a good, valid,
> untrusted signature from him... which is really not a very good
> signature at all.  

Ownertrust has its special meaning in the WoT. It only means that you
think the owner of this key will sign others' keys after careful
ID-checking. It does not mean the owner is a "good guy".
"Trusted key" means that you can be quite sure that this key belongs to
the person it claims to. But it doesn't necessarily mean that you should
send him all your money.

These meanings could really be conveyed better by GnuPG/Enigmail.

> If the key is invalid because it lacks a trusted signature, then put up
> a little button next to it which says "Validate", and have that pop up a
> wizard leading people through the signature process.  Whatever.

I don't like that wizard idea too much. It will make many people sign
each and every key they see, because it is the easiest way to get the
annoying warning away. They should bother to understand the WoT-system
and really validate their keys by fingerprint checking.

Jan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHYpRzSa1Uad4+pFcRCB0BAJ9Wlq4Bpizq5DfLYqJ9cIxypGTXcACeJWlB
DRn46pCBaGY9hA/+KfTUNfI=
=7eOQ
-----END PGP SIGNATURE-----
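
The wording rule discussed in this message (never show "good" when the key is untrusted), sketched as an added example that is not part of the original post and is not Enigmail's code. It reads GnuPG `--status-fd` lines; the function name, the label strings other than "signed by an untrusted key", and the sample key IDs and names are assumptions constructed for illustration.

```python
# Added example: map GnuPG --status-fd output to a single user-facing label.
# Assumption: only TRUST_FULLY / TRUST_ULTIMATE count as a "trusted key";
# marginal, undefined and never are all shown as untrusted.
TRUSTED = {"TRUST_FULLY", "TRUST_ULTIMATE"}
TRUST_KEYWORDS = TRUSTED | {"TRUST_UNDEFINED", "TRUST_NEVER", "TRUST_MARGINAL"}

# Constructed sample status output (key IDs and user IDs are made up).
SAMPLE_TRUSTED = (
    "[GNUPG:] GOODSIG 1111111111111111 Alice Example <alice@example.org>\n"
    "[GNUPG:] TRUST_FULLY\n"
)
SAMPLE_UNTRUSTED = (
    "[GNUPG:] GOODSIG 2222222222222222 Snidely Whiplash <sw@example.org>\n"
    "[GNUPG:] TRUST_UNDEFINED\n"
)
SAMPLE_BAD = "[GNUPG:] BADSIG 1111111111111111 Alice Example <alice@example.org>\n"


def signature_label(status_text):
    """Return the label to display for one message's verification result."""
    sig = None          # "good", "bad" or "error"
    trust_lines = []    # every TRUST_* keyword seen
    for line in status_text.splitlines():
        if not line.startswith("[GNUPG:] "):
            continue    # ignore anything that is not a status line
        fields = line.split()[1:]
        if not fields:
            continue
        keyword = fields[0]
        if keyword == "BADSIG":
            sig = "bad"                 # a bad signature always wins
        elif keyword == "ERRSIG" and sig != "bad":
            sig = "error"               # e.g. missing public key
        elif keyword == "GOODSIG" and sig is None:
            sig = "good"
        elif keyword in TRUST_KEYWORDS:
            trust_lines.append(keyword)

    if sig is None:
        return "not signed"
    if sig == "bad":
        return "bad signature"
    if sig == "error":
        return "signature could not be checked"
    # Fail closed: every reported trust level must be full or ultimate.
    if trust_lines and all(t in TRUSTED for t in trust_lines):
        return "good signature by a trusted key"
    # The word "good" is deliberately withheld here.
    return "signed by an untrusted key"
```

The `TRUST_*` status lines report the computed validity of the signing key, which is the "trusted key" sense used in the message, not the ownertrust value.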

