It is nearly impossible without reading manuals to know that you can use a Mail Address as a group name and could even use that to set preferences like "prefer S/MIME for this mail address".
For the keyresolver this is easy because if we open the group config for a mail address we can prefill this.
| Status | Assigned | Task | ||
|---|---|---|---|---|
| Open | TobiasFella | T6916 Kleopatra group related improvements | ||
| Open | None | T6914 Kleopatra: Make group feature more visible | ||
| Wontfix | aheinecke | T6915 Kleopatra: Make it more clear that you can use a mail address as a group name |
I'm not sure how to approach this.
[...] use that to set preferences like "prefer S/MIME for this mail address".
I don't see a way of explaining that to a "normal" user in an understandable way. I think that this approach might make sense on a technical level, but we can't expect normal users to configure their encryption preferences this way.
For encrypting messages to mailing lists, i can see this working better, since the relation mailing list <-> group of keys is more obvious. maybe our messaging should be something along the lines of "Create a key group with the name of the mailing list to send encrypted messages"?
Mh, the problem is that this is really a speciality feature which KMail currently has, that you can configure for a contact to prefer S/MIME over OpenPGP even though you have both keys.
For example I have an employee at the BSI, for whom I have both keys. But I know he prefers S/MIME because then he can also read the mails on his IPad and not just on his PC. The whole group feature is currently tailored and communicated towards Mailing lists or groups. But the cool thing is that I could just create a group personX@bsi.bund.de and configure for that person the S/MIME key so that way I would have the same Feature KMail currently has.
But how to communicate without confusing users is a hard question. I think we can resolve this task here. The better user experience will be that we make the group feature accessible from the KAdressbook and the Outlook Address book so you can there get an interface which lets you pick a prefrerred certificate for a person and then internally we create a group where the user does not really sees it as a Group.