[kleopatra] [Bug 363309] certificates signed through marginal trusted certificates are incorrectly displayed
Andre Heinecke via KDE Bugzilla
bugzilla_noreply at kde.org
Fri May 20 08:55:37 BST 2016
https://bugs.kde.org/show_bug.cgi?id=363309
--- Comment #1 from Andre Heinecke <aheinecke at intevation.de> ---
I'm not sure how to handle marginal trust in the UI. Is marginal trust really
something we should warn about? I think we need to have this information
available for the advanced user and generally treat marginal keys as "ok".
E.g. in the trusted certificates group there is some trust there and trusted
certificates does not say "Fully trusted certificates ;-) "
I think it is more important to highlight the case where there is no indication
that the key belongs to the UID.
With Tofu this is important because TOFU will return marginal trust with a sub
validity:
Values for VALIDITY are:
- 0 :: conflict
- 1 :: key without history
- 2 :: key with too little history
- 3 :: key with enough history for basic trust
- 4 :: key with a lot of history
I think generally we should stick with the three levels "Green, Yellow and Red"
and make further information available in details and for advanced users.
Here I would say that after a validity of 2 we switch to "green". For
"Encrypting to this certificate" and in some overall "UID validity status
indicator" and "yellow" (or whatever gnupg tells us to do, when verifying
signatures).
Here is what I'm currently proposing to use for the Indicator for Opportunistic
Encryption in KMail:
https://phabricator.kde.org/differential/changeset/?ref=34677
(And what I plan to reuse in Kleopatra for recipient selection)
Pretty unsure about this though.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the Kdepim-bugs
mailing list