
Kleopatra: Import secret key dialog improvement
Open, Normal, Public

Description

When importing a single secret key, you are asked if this is your own key, to decide if the owner trust is set to ultimate or not.
This question may confuse people if they import a shared key (which is done for reading encrypted mail to functional mail addresses).

If people answer "No", as they should, they may wonder what to do with this certificate in order to use it, as it is now marked "not certified". The answer would be that they need to certify it with their own key.

Last edit 2025-02-20:
To lead the user to the solution we want to open a certification dialog after they click "No".

For the import dialog we need a text variant for keys with one vs. with more UIDs.

Singular:

You have imported a certificate with a secret key. 
Fingerprint: XXX
User ID: ABC

Are you the only user of this secret key?

Yes, I am the only user / No, others also use this key

Plural:

You have imported a certificate with a secret key. 
Fingerprint: XXX
User IDs: 
              * ABC
              * DEF

Are you the only user of this secret key?

Yes, I am the only user / No, others also use this key

The certification dialog which opens after choosing "No" should then have a short explanation text at the beginning:

In order to use a shared secret key you should certify it.

Details

Version
VSD 3.3.0

Event Timeline

ebo triaged this task as Normal priority. Jan 31 2025, 12:02 PM
ebo created this task.

Possible explanation text for the user regarding the background of the question (probably too long):

Answering "Yes" means that you are the only owner of this key, it sets the trust in its certifications and its validity to "ultimate".
"No" means that other people have access to this key, it sets the trust in its certifications to "unknown". To use the key, certify it with your own key and thereby set the validity to "full".

Shorter version:

"Yes" means that you are the only owner of this secret key.
"No" means that other people have access to this secret key. To use it, certify it with your own.

Reminder: we have to keep in mind the workflow of the import of secret subkeys. Do we need different behavior conditional on "is primary key present" or not?

In T7502#198141, @ebo wrote:

Reminder: we have to keep in mind the workflow of the import of secret subkeys. Do we need different behavior conditional on "is primary key present" or not?

I guess the import of a (subkey) will be an update of the already existing certificate. I'm not sure if we bother the users with questions when a certificate was updated or if we only ask them questions when a new certificate was imported.

Background of my "reminder" comment: we were discussing to establish a sane workflow for sharing keys. Which is quite commonly done e.g. for functional mail addresses, but usually people seem to share the whole secret key which is not advisable. We would want people to only share subkeys for that purpose.
It was the case that somebody gets a subkey for such an "offline" primary for the first time which I was thinking of.

And yes, we should only ask questions for new primary keys, be they on- or offline keys.

So the better phrasing would probably be: Should the question on importing a certificate be different in case of importing a certificate for an offline primary key including private subkeys?

"Exclusive user" sounds a bit odd and could still be misinterpreted. A native speaker would probably say "Are you the sole user of this secret key?" or (even better and shorter) "Are you the only user of this secret key?"

German version: "Sind Sie der alleinige Nutzer dieses geheimen Schlüssels?" or "Sind Sie die einzige Person, die diesen geheimen Schlüssel nutzt?"

HTH :)

Also, we should not forget the context of the whole dialog in the window. So we get the wording right, especially regarding key / certificate.

Current status of deliberations (the numbers are for reference only):

  1. You have imported a certificate with fingerprint XXX and user IDs ABC.
  2. Are you the only user of its secret key?
  3. If this secret key is shared with somebody, you should certify it with your own key.
  4. Yes / No

  1. needs a singular/plural differentiation, it's currently always plural.
  2. The explanation should maybe better be left out, as it probably makes the meaning of Yes/No unclear. In that case the following certifications window might be a surprise.
  3. is one button less than currently, as the "cancel" button does not make sense IMHO. Ok, it could do the same as No but without bringing up a follow up certification window…

Here are some ideas:

1. I agree, the software needs to distinguish between singular and plural. :) Here are some ideas for the dialog:

Singular:

You have imported a certificate with fingerprint XXX and User ID ABC.
A certificate with fingerprint XXX and User ID ABC has been imported.
Successfully imported certificate: Fingerprint XXX, User ID ABC.

Plural:

You have imported multiple certificates with fingerprints XXX and User IDs ABC.
Certificates with fingerprints XXX and User IDs ABC have been imported.
Successfully imported certificates: Fingerprints XXX, User IDs ABC.

Unless we have to start with "You have...", the "Successfully imported" phrasing is nice, because it avoids subject-verb agreement issues and it keeps the structure the same for both cases, making localization and UI implementation easier. Also, it's short and direct (in case space is limited). Many other applications use this style for notifications and status messages, e.g. "Download complete", "Update installed", etc.

2. please note that it should be "this secret key", not "its".

If the explanation in the dialog makes the Yes/No choices unclear, it might be better to leave it out or refine the wording to be more explicit. Maybe we can improve clarity:

Option 1: Keep the question, clarify the buttons:

Question:
"Are you the only user of this secret key?"

Buttons:

Yes, I am the only owner
No, others also use this key

This way, users don't have to guess what "Yes" or "No" actually mean.

Option 2: add a short in-dialog explanation:

Question:
"Are you the only person who uses this secret key?"

Explanation (small text below the question):
"If others also use this key, you need to certify it with your own key."

Buttons:

Yes
No

3. I agree, the "Cancel" button may be redundant because it doesn’t offer a meaningful alternative to "No." If the user selects "No," the system already prompts him/her to certify the key, which is the expected next step. If "Cancel" does the same as "No" but just skips the follow-up window, it might be unnecessary.

Singular:

You have imported a certificate with secret key. 
Fingerprint: XXX
User ID: ABC

Are you the only user of this secret key?

Yes, I am the only user / No, others also use this key

Plural:

You have imported a certificate with secret key. 
Fingerprint: XXX
User IDs:  
             * ABC
             * DEF

Are you the only user of this secret key?
Yes, I am the only user / No, others also use this key

You have imported a certificate with secret key.

-> with a secret key

ebo renamed this task from Draft: Kleopatra: Import secret key dialog improvement to Kleopatra: Import secret key dialog improvement. Thu, Feb 20, 1:59 PM
ebo updated the task description.