[kmail2] [Bug 326476] add a request for advocating crypto to the crypto configuration

Sat Dec 14 10:25:41 GMT 2013

https://bugs.kde.org/show_bug.cgi?id=326476

--- Comment #3 from stakanov at freenet.de ---
Hi Hauke. 
Well, whatever floats your boat, for me they are similar. As a Kmail user
however, I do just know "what" to advice to install e.g. in Thunderbird, albeit
I have just one time seen what it looks like, IMO very invisible).
I agree user should be advocated for encryption of email (although I have to
say that as long as distributions install with KDE listening with X as root on
6001 and 6002 .... talk about security). What I would like to warn however is
to use of a KDE island solution and of non consistent terminology. Whatever
aspect you take there is a huge confusion out there, right from users that I
try to begin to dive into it:
FAQs are: why is there Kleopatra and Kgpg and what is their relationship. Can I
use them together in the same moment, will they collide. Where should I store
keys etc. . If you enrich other programs with encryption and with your
initiative,  the look and feel of all these solutions should be to some extend
similar, which is difficult to achieve.  That goes even to the use of wording.
Private key, public key, secret key. For some time KGPG proposed the dialogue
"export secret key" for exporting the public one. And if you import a public
key the program states "one secret key imported". An anecdote: at the end I
found a friend that did export her "private key" because she wanted to be
private and she was afraid to post here "secret" key which was the public one.
IMHO we shall begin  to create already a homogenization and to build up a base
of consent, of all stakeholder, on a coherent wording that is "intrinsically
safe" that is, does not result in misunderstanding. So a kind of root cause
analysis and the proposal on the gpg list of using "certificate" for the public
key could be a good idea. That said, IF all stakeholders are CONSISTENTLY
agreeing on it. 
So yes, you may do a pop-up window with a link to a site explaining
cryptography. And yes, very good idea to propose a "standard" signature to
promote the use of encryption. By the way this should be fairly easy to achieve
for one flavor of software. But here if I well understand one is talking of KDE
and your problem, if I well understand, when referred to thunderbird (not
developed any more AFAIK but widespread), claws, evolution etc. cannot possibly
be solved through  KDE bugzilla?  So it may be nice to set up something like
this more centrally, with GPG makers in coordination with all projects. 
If you want to avoid an island solution, I guess, that is then the way to go.
Just a thought.

-- 
You are receiving this mail because:
You are the assignee for the bug.