On Wed, Jun 30, 2010 at 4:53 AM, Matthew Paul Thomas <m...@canonical.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Martin Owens wrote on 21/06/10 19:55: >>... >> Myself and a few others have been working on a concept to improve the >> functionality and ease of use of the gpg key system we use. This >> project code named starfish[1] would be hopefully something average >> users can discover and take advantage of as well as making it easier >> for us geeks to deal with. > > - From what I've seen, the Seahorse developers have been quite eager to > improve its design and understandability. I suggest trying to work with > them before resorting to a replacement.
I don't see this as a replacement -- Seahorse is the down-and-dirty direct replacement for using the GnuPG command line. I see starfish as being an easy-to-use and simplified interface to the complexity that GnuPG provides. It would not be absurd to see users move from Starfish to Seahorse. > >> I would really like your critique of these rough designs for the >> system: >> >> https://wiki.ubuntu.com/Starfish/Design >> >> I have attempted to show the workflow from not having an identity >> (published gpg key) to discovering the possibility, setting it up and >> then creating a network of trust. >>... > > That's an interesting start, but it doesn't seem to cover anything > practical yet. There's nothing there, for example, about verifying that > an e-mail message came from the person it looks like, or encrypting a > chat session, or opening an encrypted file that someone has sent you. True. Something to consider, for sure. > > Everything you have shown is bureaucracy -- it's the stuff you don't > really want to do, but need to do, to get those other things working. > But if you don't design the process end-to-end, you won't know how much > of that stuff is really necessary, or mundane details like what kinds of > window it should use. > > So, start with some use cases and some misuse cases, and work out the > most delightful way of satisfying them or foiling them respectively. For > example: > > * Abigail finds out that she could encrypt her e-mail messages to > Bertrand if she wanted to, and understands what this means, without > any effort on Bertrand's part. > > * Praneeth is borrowing a friend's computer, and is chatting to Vikil > from an Ubuntu guest session. Vikil wants to know that it's really > Praneeth and not someone else. > > * Timon wants to send a file to Androu, Neola, and Marcus so that only > they can read it. (How does the encryption process work? How does > Timon come to understand that any of the recipients might still pass > the file on unencrypted?) > > * Claudia is 15, doesn't take computers that seriously, and thinks > it's funny to "add as a friend" anyone who asks. Derek tries to join > her web of trust. (How does the system discourage her effectively? > What is Ubuntu using the web of trust for in the first place?) > Great feedback. Thank you. > - -- > Matthew Paul Thomas > http://mpt.net.nz/ > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkwrBfYACgkQ6PUxNfU6ecrPbQCeMy3Knga1ZKzBPZD6/B9sXw3D > wKkAn10rqtaMZA+UznaAYvfX6ydycIeh > =I3nh > -----END PGP SIGNATURE----- > > _______________________________________________ > Mailing list: https://launchpad.net/~starfish-team > Post to : starfish-t...@lists.launchpad.net > Unsubscribe : https://launchpad.net/~starfish-team > More help : https://help.launchpad.net/ListHelp > Tag -- #define sizeof(x) rand() :wq _______________________________________________ Mailing list: https://launchpad.net/~ayatana Post to : ayatana@lists.launchpad.net Unsubscribe : https://launchpad.net/~ayatana More help : https://help.launchpad.net/ListHelp
