gnus-insert-mime-security-button

gnus-insert-mime-security-button

[Lars Magne Ingebrigtsen]

When viewing PGP signed messages, we get buttons before and after the
message.  I think that's kinda unnecessary -- no other parts get
buttons unless you press `K b'.  However, `K b'-in such messages gets
only a new text/plain button, and hitting that button makes Gnus bug
out, so I think perhaps enrolling those messages into the normal MIME
handling routines would be a good idea...  (Even though the messages
aren't MIME.)

-- 
(domestic pets only, the antidote for overdose, milk.)
   larsi@gnus.org * Lars Magne Ingebrigtsen

Re: gnus-insert-mime-security-button

[Kai Großjohann]

On 29 Dec 2000, Lars Magne Ingebrigtsen wrote:

> I think that's kinda unnecessary -- no other parts get
> buttons unless you press `K b'.

But the buttons provide information: they tell you if the verification
was okay or not.  Hm.  OTOH, right now Gnus doesn't verify
automatically at all.  Whee.  Hm.  But omitting the button means that
there is nothing you can click on to tell Gnus you want to verify.

Also, you might get a message with two text/plain parts, one of which
verifies okay and the other doesn't.  Then you want to know which part
of the message you can trust.

kai
-- 
~/.signature

Re: gnus-insert-mime-security-button

[Lars Magne Ingebrigtsen]

Kai.Grossjohann@CS.Uni-Dortmund.DE (Kai Großjohann) writes:

> But the buttons provide information: they tell you if the verification
> was okay or not.  Hm.  OTOH, right now Gnus doesn't verify
> automatically at all.  Whee.  Hm.  But omitting the button means that
> there is nothing you can click on to tell Gnus you want to verify.
> 
> Also, you might get a message with two text/plain parts, one of which
> verifies okay and the other doesn't.  Then you want to know which part
> of the message you can trust.

But I kinda consider all that debugging info.  When I'm reading, I'm
reading, and I don't care about encoding, encryption, verification and
all that jazz.  Whether it's a fifteen-part HTML multipart/related, an
encrypted message/rfc822 or a plain text/plain, I just want to read
it.  Gnus should present it in a manner that pleasing to read by
default. 

If I'm interested in the details, we have `K b', and if I'm really
really interested, we have `C-d', and if I'm totally paranoid, we have
`C-u g'.  :-)

(Besides, the PGP messages have "p" in the mode line.  :-)

-- 
(domestic pets only, the antidote for overdose, milk.)
   larsi@gnus.org * Lars Magne Ingebrigtsen

Re: gnus-insert-mime-security-button

[Kai Großjohann]

On 29 Dec 2000, Lars Magne Ingebrigtsen wrote:

> But I kinda consider all that debugging info.  When I'm reading, I'm
> reading, and I don't care about encoding, encryption, verification
> and all that jazz.  Whether it's a fifteen-part HTML
> multipart/related, an encrypted message/rfc822 or a plain
> text/plain, I just want to read it.  Gnus should present it in a
> manner that pleasing to read by default.

So maybe Gnus should suppress the signed parts where the verification
failed and print

        FORGED CONTENT SNIPPED

in large friendly letters, instead.

kai
-- 
~/.signature

Re: gnus-insert-mime-security-button

[Andreas Fuchs]

[-- Attachment #1: Type: text/plain, Size: 903 bytes --]

Today, Kai Großjohann <Kai.Grossjohann@CS.Uni-Dortmund.DE> wrote:
> So maybe Gnus should suppress the signed parts where the verification
> failed and print

>         FORGED CONTENT SNIPPED
> in large friendly letters, instead.

Eeeek. That would make it a little difficult to read mailing lists where
people sign their mails by default (debian-devel, for example) while
their keys are not in your keyring.

Having faces for the different possibilities (check failed, check OK but
key untrusted, check OK and key trusted) would be nice, I think (a
multi-coloured sidebar, anyone?).

Assuming that signed content for which the check fails is forged by
default would be too confusing and annoying, IMHO -- think bad MTAs and
MUAs which don't do PGP content right.

(Proof by example: is this message forged? (-:)

-- 
Andreas Fuchs, <asf@acm.org>, <d96001@htlwrn.ac.at>, antifuchs

[-- Attachment #2: Type: application/pgp-signature, Size: 231 bytes --]

Re: gnus-insert-mime-security-button

[Graham Murray]

[-- Attachment #1: Type: text/plain, Size: 404 bytes --]

Andreas Fuchs <asf@acm.org> writes:

> Eeeek. That would make it a little difficult to read mailing lists where
> people sign their mails by default (debian-devel, for example) while
> their keys are not in your keyring.

You can configure things so that if the key is not in your keyring
then it will be fetched (as your was) prior to being verified. Also I
run with verify turned on by default.

[-- Attachment #2: Type: application/pgp-signature, Size: 268 bytes --]

Re: gnus-insert-mime-security-button

[Andreas Fuchs]

Today, Graham Murray <graham@barnowl.demon.co.uk> wrote:
> Andreas Fuchs <asf@acm.org> writes:
> You can configure things so that if the key is not in your keyring
> then it will be fetched (as your was) prior to being verified. Also I
> run with verify turned on by default.

Right. But that makes having an internet connection up when you're
reading mail, which is not desireable if you (like me) prefer reading
your mail offline <rant>because your local telecomedians charge for the
time you're connected (which makes reading mail online an expensive
exercise).</rant>

-- 
Andreas Fuchs, <asf@acm.org>, <d96001@htlwrn.ac.at>, antifuchs