Page MenuHome GnuPG
Create Task
Maniphest T6808

Libkleo Keyresolver: misleading display/wording in confirmation dialog
Open, NormalPublic
Actions

Description

As described here https://dev.gnupg.org/T6683#176429 the displayed information here may be misleading:

This is seen (after a explaining/warning window) when sending a signed mail with "prefer S/MIME" but no S/MIME certificate.

Confusing are:
a) the text "Identität und Integrität nicht bestätigen" ("Don't confirm identity and integrity")
b) the "VS-NfD compliant" in the bottom left corner (I know it is supposed to mean that the installation is compliant, but...)
c) the green OK button

For a)

  • Ingo suggested "Don't confirm identity and integrity of the email"
  • My idea would be to add to that "/ Don't sign the email". Which might be a bit long, I admit...

For c) I suggest either a (functioning) red button or one without color and without shield icon

Details

Version
VS-Desktop-3.1.90.267-Beta

Related Objects

Event Timeline

ebo created this task.Nov 10 2023, 12:30 PM
ebo added a project: vsd.
aheinecke added a subscriber: aheinecke.Nov 13 2023, 9:11 AM

I am mostly sure that for the majority of our users "sign" means the "signature" of the email. So the bottom text below an email so I try to avoid that wording as much as possible. It is only visible in the "advanced" sub options of GpgOL which I think should only interest people who actually know what the context "sign" means when clicking the button "sign".

What I would definetly want to change is that: As long as we do not encrypt we should show nothing regarding VS-NfD compliance or not.

Regarding the wording. I am fine with with it as is. Above it says: "Confirm identity foo@bar.baz:" and below it offers options how to confirm this identity. And if you can't confirm the identity it offers "Do not confirm identity"

Well ok maybe let us make it a bit more verbose:
"Do not confirm sender identity and content integrity of this email."
"Absender-Identität und Inhalt-Integrität dieser Mail nicht bestätigen."
That should fit into the default size.

But please avoid the use of "signature" anywhere in the mail context. For files it is okay IMO but for mails this word is already taken.

aheinecke triaged this task as Normal priority.Nov 13 2023, 9:12 AM
ikloecker added a subscriber: ikloecker.Nov 13 2023, 9:26 AM

I like the explicit check boxes in the file encryption dialog more than this "hidden" combo box entry. (BTW, the file encryption dialog says "sign as" and "prove authenticity (sign)" but in this case there's little potential to confuse "sign" with email signatures. The wording should probably still be unified.)

aheinecke added a comment.Nov 13 2023, 9:34 AM

Well the checkbox is before this dialog. This dialog only comes up if you have checked sign or if your administration has checked sign for you (which they _should_ only do if they also ensure to give you a certificate). But usually this should not come up this way.

ikloecker raised the priority of this task from Normal to Needs Triage.Jan 19 2024, 11:49 AM

I'm putting this back to triage because I cannot act on this ticket. There's way too much text and the outcome what should be done is unclear. Either rewrite the description so that it tells the reader concisely what should be changed and how it should be changed. Or, maybe better, create a new ticket referring to the discussion in this ticket and close this ticket.

werner added a subscriber: werner.Jan 30 2024, 11:11 AM

I guess we should put this on the agenda for our next RL meeting.

werner triaged this task as Normal priority.Jan 30 2024, 11:14 AM
werner edited projects, added to-be-discussed; removed vsd.