Page MenuHome GnuPG

Libkleo Keyresolver: misleading display/wording in confirmation dialog
Testing, NormalPublic

Description

As described here https://dev.gnupg.org/T6683#176429 the displayed information here may be misleading:

This is seen (after a explaining/warning window) when sending a signed mail with "prefer S/MIME" but no S/MIME certificate.

Confusing are:
a) the text "Identität und Integrität nicht bestätigen" ("Don't confirm identity and integrity")
b) the "VS-NfD compliant" in the bottom left corner (I know it is supposed to mean that the installation is compliant, but...)
c) the green OK button

For a)

  • Ingo suggested "Don't confirm identity and integrity of the email"
  • My idea would be to add to that "/ Don't sign the email". Which might be a bit long, I admit...

For c) I suggest either a (functioning) red button or one without color and without shield icon

Edit: see https://dev.gnupg.org/T6808#185527 for the approved changes

Details

External Link
https://invent.kde.org/pim/libkleo/-/merge_requests/99
Version
VS-Desktop-3.1.90.267-Beta

Event Timeline

I am mostly sure that for the majority of our users "sign" means the "signature" of the email. So the bottom text below an email so I try to avoid that wording as much as possible. It is only visible in the "advanced" sub options of GpgOL which I think should only interest people who actually know what the context "sign" means when clicking the button "sign".

What I would definetly want to change is that: As long as we do not encrypt we should show nothing regarding VS-NfD compliance or not.

Regarding the wording. I am fine with with it as is. Above it says: "Confirm identity foo@bar.baz:" and below it offers options how to confirm this identity. And if you can't confirm the identity it offers "Do not confirm identity"

Well ok maybe let us make it a bit more verbose:
"Do not confirm sender identity and content integrity of this email."
"Absender-Identität und Inhalt-Integrität dieser Mail nicht bestätigen."
That should fit into the default size.

But please avoid the use of "signature" anywhere in the mail context. For files it is okay IMO but for mails this word is already taken.

I like the explicit check boxes in the file encryption dialog more than this "hidden" combo box entry. (BTW, the file encryption dialog says "sign as" and "prove authenticity (sign)" but in this case there's little potential to confuse "sign" with email signatures. The wording should probably still be unified.)

Well the checkbox is before this dialog. This dialog only comes up if you have checked sign or if your administration has checked sign for you (which they _should_ only do if they also ensure to give you a certificate). But usually this should not come up this way.

ikloecker raised the priority of this task from Normal to Needs Triage.Jan 19 2024, 11:49 AM

I'm putting this back to triage because I cannot act on this ticket. There's way too much text and the outcome what should be done is unclear. Either rewrite the description so that it tells the reader concisely what should be changed and how it should be changed. Or, maybe better, create a new ticket referring to the discussion in this ticket and close this ticket.

I guess we should put this on the agenda for our next RL meeting.

werner edited projects, added to-be-discussed; removed vsd.

RL discussion result:

  • No green button but a colorless Okay, go ahead.
  • No VS-NfD note.
  • Change text to "Do not sign this mail"
TobiasFella set External Link to https://invent.kde.org/pim/libkleo/-/merge_requests/99.May 10 2024, 2:25 PM
TobiasFella moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.May 13 2024, 2:46 PM
TobiasFella changed the task status from Open to Testing.Aug 8 2024, 10:55 AM
ebo moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Tue, Oct 1, 3:55 PM