[kleopatra] [Bug 363309] certificates signed through marginal trusted certificates are incorrectly displayed

Tue Aug 9 15:30:49 BST 2016

https://bugs.kde.org/show_bug.cgi?id=363309

Bernhard E. Reiter <bernhard at intevation.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |CONFIRMED
     Ever confirmed|0                           |1

--- Comment #2 from Bernhard E. Reiter <bernhard at intevation.de> ---
Hi Andre,
to me this is a clear defect in the current gui.

The gui aims to be for power users (aka Bob and Annika in
https://wiki.gnupg.org/EasyGpg2016/VisionAndStories ).
And the GUI claims to help you manage the Web of Trust,
which some power users still want to do.

In the Web of Trust (and some other trust context) a trusted certificate comes
with a strong indication that it belongs to the userid and is a base for
trusting other certificates.
A certificate that is marginally trusted should not fall in this category,
at least it is missleading. The certificate in questions falls in the category
"some trust"
and when in doubt this meant: not enough trust.

If a user starts to understand the WoT implementation of GnuPG, she will
be surprised by the different behaviour of the kleopatra display and the GnuPG 
backend.

If there is an easy fix, it probably should also be done on older product lines
as long
as they are still in usage.

Best,
Bernhard

-- 
You are receiving this mail because:
You are on the CC list for the bug.