[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kmail-devel
Subject:    Re: [PATCH]: SLightly change a few strings
From:       Marc Mutz <Marc.Mutz () uni-bielefeld ! de>
Date:       2001-11-30 15:09:13
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 30 November 2001 15:23, Magnus von Koeller wrote:
<snip>
> I don't know but I think I have a problem with this. Basically all
> keys that I have are untrusted. Just look at this list! Where would I
> get a trusted public key from? So I really think it's a problem if
> it's the same color as 'can't be checked due to missing key' because
> a missing key is in fact much more untrusted than an untrusted key
> that I download from a keyserver.
<snip>

The reason for three colors is the traffic light metaphor:
I don't think Ingo thought much about what colors to use, but 
immediately came up with red, yellow, green. Likewise, the user will 
draw the same conclusions:

Green: All is OK and I can be certains about it.
Yellow: All seems to be OK, at least you don't have to worry.
Red: There's something wrong.

Basically, red and green are reserved for keys you signed or trust. 
Yellow is for everything else, since there you can't say much about the 
validity of the signature anyway. Now one only needs to think about 
whether we show red or yellow when an invalid signature from and 
untrusted key is encountered. I would make this config'able, because 
it's nice to have the red color reserved for cases where it matters 
(e.g. a Debian package maintainer will want to disable red for 
untrusted keys).

Leaving the realm of the traffic light metaphor by introducing another 
color does not help the user: In fact, it makes the use of colors 
awkward and hard to comprehend for the user. You could then also go 
back to just displaying a message, since the colors don't carry any 
meaning for the inexperienced user anymore.

BTW: Magnus, you can get a bunch of certificates from people that matter 
(w.r.t. your day-to-day correspondance) when you come to LinuxTag or 
CeBIT to let c't and KDE people sign your key.

Marc

- -- 
"You're hackers, aren't you," the barman said, eyeing us. No one said
a thing. The darkness of the Eurotunnel rolled by. Apparently we'd
given ourselves away by talking too enthusiastically about IPv6. He
looked around conspiratorially, lowered his voice. "Can you get me
some credit card numbers?"
      -- James J. King "What's the shortest way to hack a Linux box?"
         Telepolis 2001/08/11 (#9293)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8B75S3oWD+L2/6DgRAgkWAJ4oByKdkH0VT3mNa+mAUMlqtLgP9QCfQeFz
IBpcfuT75E9hdPhy6Id+isY=
=21ef
-----END PGP SIGNATURE-----

_______________________________________________
kmail Developers mailing list
kmail@mail.kde.org
http://mail.kde.org/mailman/listinfo/kmail

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic