[prev in list] [next in list] [prev in thread] [next in thread]
List: kmail-devel
Subject: Re: [PATCH]: SLightly change a few strings
From: Marc Mutz <Marc.Mutz () uni-bielefeld ! de>
Date: 2001-11-30 15:09:13
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 30 November 2001 15:23, Magnus von Koeller wrote:
<snip>
> I don't know but I think I have a problem with this. Basically all
> keys that I have are untrusted. Just look at this list! Where would I
> get a trusted public key from? So I really think it's a problem if
> it's the same color as 'can't be checked due to missing key' because
> a missing key is in fact much more untrusted than an untrusted key
> that I download from a keyserver.
<snip>
The reason for three colors is the traffic light metaphor:
I don't think Ingo thought much about what colors to use, but
immediately came up with red, yellow, green. Likewise, the user will
draw the same conclusions:
Green: All is OK and I can be certains about it.
Yellow: All seems to be OK, at least you don't have to worry.
Red: There's something wrong.
Basically, red and green are reserved for keys you signed or trust.
Yellow is for everything else, since there you can't say much about the
validity of the signature anyway. Now one only needs to think about
whether we show red or yellow when an invalid signature from and
untrusted key is encountered. I would make this config'able, because
it's nice to have the red color reserved for cases where it matters
(e.g. a Debian package maintainer will want to disable red for
untrusted keys).
Leaving the realm of the traffic light metaphor by introducing another
color does not help the user: In fact, it makes the use of colors
awkward and hard to comprehend for the user. You could then also go
back to just displaying a message, since the colors don't carry any
meaning for the inexperienced user anymore.
BTW: Magnus, you can get a bunch of certificates from people that matter
(w.r.t. your day-to-day correspondance) when you come to LinuxTag or
CeBIT to let c't and KDE people sign your key.
Marc
- --
"You're hackers, aren't you," the barman said, eyeing us. No one said
a thing. The darkness of the Eurotunnel rolled by. Apparently we'd
given ourselves away by talking too enthusiastically about IPv6. He
looked around conspiratorially, lowered his voice. "Can you get me
some credit card numbers?"
-- James J. King "What's the shortest way to hack a Linux box?"
Telepolis 2001/08/11 (#9293)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8B75S3oWD+L2/6DgRAgkWAJ4oByKdkH0VT3mNa+mAUMlqtLgP9QCfQeFz
IBpcfuT75E9hdPhy6Id+isY=
=21ef
-----END PGP SIGNATURE-----
_______________________________________________
kmail Developers mailing list
kmail@mail.kde.org
http://mail.kde.org/mailman/listinfo/kmail
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic