Re: [Evolution] possibly stupid PGP/GPG display question



As other people said, the plan is to have some sort of unforgeable
indicator there saying whether it's validly signed or not.

We're still not quite sure what it will be, so if people have ideas, let
me know. :-)

The are two main constraints. First, obviously, the indicator has to be
something you can't forge with an HTML message (and note that GtkHTML
supports animated GIFs). Second, if the user gets a message containing
both valid signed messages and invalid signed messages, you want them to
be able to see and understand those details, preferably without any more
work than if they'd received the messages separately. (Examples: a
multipart/digest containing both valid signed messages and invalid
signed messages, or a valid signed message which contains a forwarded
message with an invalid signature.)

Ideally, it would be possible to for the user verify the signature
without having to do anything special like clicking on a button or
whatever. But that's hard to combine with the "arbitrary number of
signatures" constraint, because you can't just put a single message-wide
yes/no icon in the message list or something like that.

-- Dan




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]