On 31.07.2013, adrelanos wrote: 

> Downloading a signature doesn't imply the user
> successfully managed to use OpenPGP verification or that the user
> couldn't be tricked or just ignored an invalid signature error message.

And therefore, these numbers are without meaning.

While there is evidence that reminders can have a slight impact on
quality improvement, it would be a lot more effective to explain to
the downloader what could happen if he/she does NOT check the
signature before using the downloaded software (*). This should come with
an easy instruction how to do that.

I'm quite sure that would boost the number of downloaders who
actually check the signature.

(*) This has been used in a variety of different quality improvement
strategies, with moderate to great effect (e.g. the health belief
model, social marketing..).


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
