Page MenuHome GnuPG

Adding a free-form note tab to cert listing in Kleopatra
Closed, InvalidPublic

Description

Moved from
https://wald.intevation.org/tracker/index.php?func=detail&aid=6553&group_id=11&atid=129
(reported by Don Francesco):

Some of the certificates listed in Kleopatra have been possibly entered by the
user only during a short-term engagement with another party.

After a while the user may see many certs in the program's store without
remembering the situation whereby he needed this or that cert, thus leading to a
cert list populated with certs no longer needed.

The requested feature would attach a free-form note tab to each listed cert,
possibly in the Certificate Details form, thus enabling the user to comment on
the reason for importing a specific cert. This will help the user to decide
whether to delete that specific cert from the program store when no longer
needed or to keep it for a future use.

----

Datum: 22.07.2014 08:10
Sender: Bernhard Reiter

Thanks for the suggestion!
Here are some random thoughts:

I wonder if there are other solutions for the problem.
One could be to list certificates based on usage. Then a user may just delete
certificates when they are unused for a longer while.

Another issue I have is with the proposed solution of a comment: Some users do
not exclusively use Kleopatra, so the comment would have to be saved close to
the certificate, which means within the crypto backend and its certficate store.

Instead of a free field comment, maybe a number of tags would also work.

Another solution could be that the crypto client application, that handles the
communication could add more comments,

Best Regards,
Bernhard

---

Datum: 24.07.2014 10:38
Sender: Don Francesco

I really appreciate the thoughts you have listed.

My comments on your thoughts:

  1. Usage indicator may not convey a cert need or importance - one may have a

very low intensity interaction with a specific sender, but would want to engage
when a message from that sender comes through.

  1. I really haven't thought about interoperability with other applications, but

now thinking about this, a simple external comments store (text/XML file, SQLite
or whatever), linked to Kleo cert/key store, may suffice for a Kleo user. When
exchanging certs with other apps, the user may lose the associated comments, but
this may be acceptable if he doesn't do it too often.

Note: It would be nice if upon importing certs/keys into Kleo, all existing
comments in the proposed Kleo/External store will auto-correlate to imported
certs/keys.

  1. Tags instead of free field comments - looks to me as perfectly OK, provided

that there is a sufficient field length - e.g. 80-120 char long.

  1. Handling by the crypto client app - I think that since the cert/key manager

is Kleo, I wouuld like to see there all the comments associated with its
cert/key store. Not only this is a more clean and appropriate mechanism, when
Kleo is used stand-alone to verity sigs and enc/dec files, there are no other
clients involved.
In addition, there are many client apps that do not provide such a comment
mechanism.

Again, thank you for the discussion.

Event Timeline

marcus added a subscriber: marcus.

The TOFU trust model gives some more information about certificate usage. Beyond that I don't think this is well defined to be actionable in the backend.